Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8
9(* constrain sledgehammer to the abstraction layer *)
10unbundle AOT_no_atp
11
12(* To enable meta syntax: *)
13(*interpretation AOT_meta_syntax.*)
14(* To disable meta syntax: *)
15interpretation AOT_no_meta_syntax.
16
17(* To enable AOT syntax (takes precedence over meta syntax; can be done locally using "including" or "include"): *)
18unbundle AOT_syntax
19(* To disable AOT syntax (restoring meta syntax or no syntax; can be done locally using "including" or "include"): *)
20(* unbundle AOT_no_syntax *)
21
22AOT_theorem "modus-ponens": assumes φ and φ  ψ shows ψ
23  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
24lemmas MP = "modus-ponens"
25
26AOT_theorem "non-con-thm-thm": assumes  φ shows  φ
27  using assms by simp
28
29AOT_theorem "vdash-properties:1[1]": assumes φ  Λ shows  φ
30  using assms unfolding AOT_model_act_axiom_def by blast (* NOTE: semantics needed *)
31
32attribute_setup act_axiom_inst =
33  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
34  "Instantiate modally fragile axiom as modally fragile theorem."
35
36AOT_theorem "vdash-properties:1[2]": assumes φ  Λ shows  φ
37  using assms unfolding AOT_model_axiom_def by blast (* NOTE: semantics needed *)
38
39attribute_setup axiom_inst =
40  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
41  "Instantiate axiom as theorem."
42
43method cqt_2_lambda_inst_prover = (fast intro: AOT_instance_of_cqt_2_intro)
44method "cqt:2[lambda]" = (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
45lemmas "cqt:2" = "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst] AOT_instance_of_cqt_2_intro
46method "cqt:2" = (safe intro!: "cqt:2")
47
48AOT_theorem "vdash-properties:3": assumes  φ shows Γ  φ
49  using assms by blast
50
51AOT_theorem "vdash-properties:5": assumes Γ1  φ and Γ2  φ  ψ shows Γ1, Γ2  ψ
52  using MP assms by blast
53
54AOT_theorem "vdash-properties:6": assumes φ and φ  ψ shows ψ
55  using MP assms by blast
56
57AOT_theorem "vdash-properties:8": assumes Γ  φ and φ  ψ shows Γ  ψ
58  using assms by argo
59
60AOT_theorem "vdash-properties:9": assumes φ shows ψ  φ
61  using MP "pl:1"[axiom_inst] assms by blast
62
63AOT_theorem "vdash-properties:10": assumes φ  ψ and φ shows ψ
64  using MP assms by blast
65lemmas "→E" = "vdash-properties:10"
66
67AOT_theorem "rule-gen": assumes for arbitrary α: φ{α} shows α φ{α}
68  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall) (* NOTE: semantics needed *)
69lemmas GEN = "rule-gen"
70
71AOT_theorem "RN[prem]": assumes Γ  φ shows Γ  φ
72  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
73AOT_theorem RN: assumes  φ shows φ
74  using "RN[prem]" assms by blast
75
76AOT_axiom "df-rules-formulas[1]": assumes φ df ψ shows φ  ψ
77  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
78AOT_axiom "df-rules-formulas[2]": assumes φ df ψ shows ψ  φ
79  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
80(* NOTE: for convenience also state the above as regular theorems *)
81AOT_theorem "df-rules-formulas[3]": assumes φ df ψ shows φ  ψ
82  using "df-rules-formulas[1]"[axiom_inst, OF assms].
83AOT_theorem "df-rules-formulas[4]": assumes φ df ψ shows ψ  φ
84  using "df-rules-formulas[2]"[axiom_inst, OF assms].
85
86
87AOT_axiom "df-rules-terms[1]":
88  assumes τ{α1...αn} =df σ{α1...αn}
89  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
90  using assms by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
91AOT_axiom "df-rules-terms[2]":
92  assumes τ =df σ
93  shows (σ  τ = σ) & (¬σ  ¬τ)
94  by (metis "df-rules-terms[1]" case_unit_Unity assms)
95(* NOTE: for convenience also state the above as regular theorems *)
96AOT_theorem "df-rules-terms[3]":
97  assumes τ{α1...αn} =df σ{α1...αn}
98  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
99  using "df-rules-terms[1]"[axiom_inst, OF assms].
100AOT_theorem "df-rules-terms[4]":
101  assumes τ =df σ
102  shows (σ  τ = σ) & (¬σ  ¬τ)
103  using "df-rules-terms[2]"[axiom_inst, OF assms].
104
105
106AOT_theorem "if-p-then-p": φ  φ
107  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
108
109AOT_theorem "deduction-theorem": assumes φ  ψ shows φ  ψ
110  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
111lemmas CP = "deduction-theorem"
112lemmas "→I" = "deduction-theorem"
113
114AOT_theorem "ded-thm-cor:1": assumes Γ1  φ  ψ and Γ2  ψ  χ shows Γ1, Γ2  φ  χ
115  using "→E" "→I" assms by blast
116AOT_theorem "ded-thm-cor:2": assumes Γ1  φ  (ψ  χ) and Γ2  ψ shows Γ1, Γ2  φ  χ
117  using "→E" "→I" assms by blast
118
119AOT_theorem "ded-thm-cor:3": assumes φ  ψ and ψ  χ shows φ  χ
120  using "→E" "→I" assms by blast
121declare "ded-thm-cor:3"[trans]
122AOT_theorem "ded-thm-cor:4": assumes φ  (ψ  χ) and ψ shows φ  χ
123  using "→E" "→I" assms by blast
124
125lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
126
127AOT_theorem "useful-tautologies:1": ¬¬φ  φ
128  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
129AOT_theorem "useful-tautologies:2": φ  ¬¬φ
130  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
131AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
132  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
133AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
134  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
135AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
136  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
137
138AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
139  by (metis "→I" MP "useful-tautologies:4")
140
141AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
142  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
143
144AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
145  by (metis "→I" MP "useful-tautologies:5")
146
147AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
148  by (metis "→I" MP "useful-tautologies:6")
149
150AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
151  by (metis "→I" MP "pl:3"[axiom_inst])
152
153AOT_theorem "dn-i-e:1": assumes φ shows ¬¬φ
154  using MP "useful-tautologies:2" assms by blast
155lemmas "¬¬I" = "dn-i-e:1"
156AOT_theorem "dn-i-e:2": assumes ¬¬φ shows φ
157  using MP "useful-tautologies:1" assms by blast
158lemmas "¬¬E" = "dn-i-e:2"
159
160AOT_theorem "modus-tollens:1": assumes φ  ψ and ¬ψ shows ¬φ
161  using MP "useful-tautologies:5" assms by blast
162AOT_theorem "modus-tollens:2": assumes φ  ¬ψ and ψ shows ¬φ
163  using "¬¬I" "modus-tollens:1" assms by blast
164lemmas MT = "modus-tollens:1" "modus-tollens:2"
165
166AOT_theorem "contraposition:1[1]": assumes φ  ψ shows ¬ψ  ¬φ
167  using "→I" MT(1) assms by blast
168AOT_theorem "contraposition:1[2]": assumes ¬ψ  ¬φ shows φ  ψ
169  using "→I" "¬¬E" MT(2) assms by blast
170
171AOT_theorem "contraposition:2": assumes φ  ¬ψ shows ψ  ¬φ
172  using "→I" MT(2) assms by blast
173
174(* TODO: this is actually a mixture of the two variants given in PLM; adjust. *)
175AOT_theorem "reductio-aa:1":
176  assumes ¬φ  ¬ψ and ¬φ  ψ shows φ
177  using "→I" "¬¬E" MT(2) assms by blast
178AOT_theorem "reductio-aa:2":
179  assumes φ  ¬ψ and φ  ψ shows ¬φ
180  using "reductio-aa:1" assms by blast
181lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
182
183AOT_theorem "exc-mid": φ  ¬φ
184  using "df-rules-formulas[4]" "if-p-then-p" MP "conventions:2" by blast
185
186AOT_theorem "non-contradiction": ¬(φ & ¬φ)
187  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2" "conventions:1" by blast
188
189AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
190  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
191AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
192  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2) "¬¬E" "conventions:1")
193lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
194
195AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
196  by (meson "contraposition:1[2]" "df-rules-formulas[4]" MP "→I" "conventions:2")
197AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
198  using "Hypothetical Syllogism" "df-rules-formulas[4]" "pl:1"[axiom_inst] "conventions:2" by blast
199lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
200
201AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
202  by (metis "contraposition:2" "Hypothetical Syllogism" "→I" "df-rules-formulas[4]" "conventions:1")
203lemmas Adjunction = "con-dis-taut:5"
204
205AOT_theorem "con-dis-taut:6": (φ & φ)  φ
206  by (metis Adjunction "→I" "df-rules-formulas[4]" MP "Conjunction Simplification"(1) "conventions:3")
207lemmas "Idempotence of &" = "con-dis-taut:6"
208
209AOT_theorem "con-dis-taut:7": (φ  φ)  φ
210proof -
211  {
212    AOT_assume φ  φ
213    AOT_hence ¬φ  φ
214      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
215    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
216  }
217  moreover {
218    AOT_assume φ
219    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
220  }
221  ultimately AOT_show (φ  φ)  φ
222    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
223    by (metis Adjunction "→I")
224qed
225lemmas "Idempotence of ∨" = "con-dis-taut:7"
226
227
228AOT_theorem "con-dis-i-e:1": assumes φ and ψ shows φ & ψ
229  using Adjunction MP assms by blast
230lemmas "&I" = "con-dis-i-e:1"
231
232AOT_theorem "con-dis-i-e:2:a": assumes φ & ψ shows φ
233  using "Conjunction Simplification"(1) MP assms by blast
234AOT_theorem "con-dis-i-e:2:b": assumes φ & ψ shows ψ
235  using "Conjunction Simplification"(2) MP assms by blast
236lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
237
238AOT_theorem "con-dis-i-e:3:a": assumes φ shows φ  ψ
239  using "Disjunction Addition"(1) MP assms by blast
240AOT_theorem "con-dis-i-e:3:b": assumes ψ shows φ  ψ
241  using "Disjunction Addition"(2) MP assms by blast
242AOT_theorem "con-dis-i-e:3:c": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
243  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2) "df-rules-formulas[3]" MT(1) RAA(1) "conventions:2" assms)
244lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
245
246AOT_theorem "con-dis-i-e:4:a": assumes φ  ψ and φ  χ and ψ  χ shows χ
247  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
248AOT_theorem "con-dis-i-e:4:b": assumes φ  ψ and ¬φ shows ψ
249  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
250AOT_theorem "con-dis-i-e:4:c": assumes φ  ψ and ¬ψ shows φ
251  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
252lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
253
254AOT_theorem "raa-cor:1": assumes ¬φ  ψ & ¬ψ shows φ
255  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
256AOT_theorem "raa-cor:2": assumes φ  ψ & ¬ψ shows ¬φ
257  using "raa-cor:1" assms by blast
258AOT_theorem "raa-cor:3": assumes φ and ¬ψ  ¬φ shows ψ
259  using RAA assms by blast
260AOT_theorem "raa-cor:4": assumes ¬φ and ¬ψ  φ shows ψ
261  using RAA assms by blast
262AOT_theorem "raa-cor:5": assumes φ and ψ  ¬φ shows ¬ψ
263  using RAA assms by blast
264AOT_theorem "raa-cor:6": assumes ¬φ and ψ  φ shows ¬ψ
265  using RAA assms by blast
266
267(* TODO: note these need manual introduction rules *)
268AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
269  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
270     (metis "&E" "&I" "raa-cor:3" "→I" MP)
271AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
272  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
273     (metis "&E" "&I" "raa-cor:3" "→I" MP)
274AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
275  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
276     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
277
278AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
279  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
280     (meson "&I" "&E" "→I")
281lemmas "Commutativity of &" = "oth-class-taut:2:a"
282AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
283  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
284     (metis "&I" "&E" "→I")
285lemmas "Associativity of &" = "oth-class-taut:2:b"
286AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
287  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
288     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
289lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
290AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
291  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
292     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
293lemmas "Associativity of ∨" = "oth-class-taut:2:d"
294AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
295  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
296      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E" "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
297lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
298AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
299  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
300        "→I" "→E" "&E" "&I"
301  by metis
302lemmas "Associativity of ≡" = "oth-class-taut:2:f"
303
304AOT_theorem "oth-class-taut:3:a": φ  φ
305  using "&I" "vdash-properties:6" "if-p-then-p" "df-rules-formulas[4]" "conventions:3" by blast
306AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
307  using "&I" "useful-tautologies:1" "useful-tautologies:2" "vdash-properties:6" "df-rules-formulas[4]" "conventions:3" by blast
308AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
309  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
310
311AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
312  by (metis "→E" "→I")
313AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
314  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
315        "→I" "→E" "&E" "&I" RAA by metis
316AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
317  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
318        "→I" "→E" "&E" "&I" by metis
319AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
320  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
321        "→I" "→E" "&E" "&I" by metis
322AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
323  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
324        "→I" "→E" "&E" "&I" by metis
325AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
326  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
327        "→I" "→E" "&E" "&I" by metis
328(* TODO: nicer proof *)
329AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
330  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
331   apply (drule "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
332   apply (metis "&I" "&E" "∨I"(1,2) MT(1) "raa-cor:3")
333  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
334  using "&E" "∨E"(2) "raa-cor:3" by blast+
335AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
336  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
337  apply (metis "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]" "raa-cor:3" "conventions:3")
338  by (metis "&E" "∨E"(2) "→E" "df-rules-formulas[3]" "raa-cor:3" "conventions:3")
339AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
340  using "conventions:3"[THEN "df-rules-formulas[4]"]
341        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
342AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
343  using "conventions:3"[THEN "df-rules-formulas[4]"]
344        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
345AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
346  using "conventions:3"[THEN "df-rules-formulas[4]"]
347        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
348AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
349  using "conventions:3"[THEN "df-rules-formulas[4]"]
350        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
351
352lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
353
354AOT_theorem "oth-class-taut:6:a": (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
355  using "conventions:3"[THEN "df-rules-formulas[4]"]
356        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
357AOT_theorem "oth-class-taut:6:b": (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
358  using "conventions:3"[THEN "df-rules-formulas[4]"]
359        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
360
361AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
362  by (metis "&I" "→E" "→I")
363lemmas Exportation = "oth-class-taut:7:a"
364AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
365  by (metis "&E" "→E" "→I")
366lemmas Importation = "oth-class-taut:7:b"
367
368AOT_theorem "oth-class-taut:8:a": (φ  (ψ  χ))  (ψ  (φ  χ))
369  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I" by metis
370lemmas Permutation = "oth-class-taut:8:a"
371AOT_theorem "oth-class-taut:8:b": (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
372  by (metis "&I" "→E" "→I")
373lemmas Composition = "oth-class-taut:8:b"
374AOT_theorem "oth-class-taut:8:c": (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
375  by (metis "∨E"(2) "→E" "→I" RAA(1))
376AOT_theorem "oth-class-taut:8:d": ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
377  by (metis "&E" "&I" "→E" "→I")
378lemmas "Double Composition" = "oth-class-taut:8:d"
379AOT_theorem "oth-class-taut:8:e": ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
380  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
381            "→I" "→E" "&E" "&I")
382AOT_theorem "oth-class-taut:8:f": ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
383  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
384            "→I" "→E" "&E" "&I")
385AOT_theorem "oth-class-taut:8:g": (ψ  χ)  ((φ  ψ)  (φ  χ))
386  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
387            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
388AOT_theorem "oth-class-taut:8:h": (ψ  χ)  ((ψ  φ)  (χ  φ))
389  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
390            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
391AOT_theorem "oth-class-taut:8:i": (φ  (ψ & χ))  (ψ  (φ  χ))
392  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
393            "→I" "→E" "&E" "&I")
394
395AOT_theorem "intro-elim:1": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
396  by (metis assms "∨I"(1, 2) "∨E"(1) "conventions:3"[THEN "df-rules-formulas[3]"] "→I" "→E" "&E"(1))
397
398AOT_theorem "intro-elim:2": assumes φ  ψ and ψ  φ shows φ  ψ
399  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
400lemmas "≡I" = "intro-elim:2"
401
402AOT_theorem "intro-elim:3:a": assumes φ  ψ and φ shows ψ
403  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
404AOT_theorem "intro-elim:3:b": assumes φ  ψ and ψ shows φ
405  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
406AOT_theorem "intro-elim:3:c": assumes φ  ψ and ¬φ shows ¬ψ
407  using "intro-elim:3:b" "raa-cor:3" assms by blast
408AOT_theorem "intro-elim:3:d": assumes φ  ψ and ¬ψ shows ¬φ
409  using "intro-elim:3:a" "raa-cor:3" assms by blast
410AOT_theorem "intro-elim:3:e": assumes φ  ψ and ψ  χ shows φ  χ
411  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
412declare "intro-elim:3:e"[trans]
413AOT_theorem "intro-elim:3:f": assumes φ  ψ and φ  χ shows χ  ψ
414  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
415lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c" "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
416
417declare "Commutativity of ≡"[THEN "≡E"(1), sym]
418
419AOT_theorem "rule-eq-df:1": assumes φ df ψ shows φ  ψ
420  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
421lemmas "≡Df" = "rule-eq-df:1"
422AOT_theorem "rule-eq-df:2": assumes φ df ψ and φ shows ψ
423  using "≡Df" "≡E"(1) assms by blast
424lemmas "≡dfE" = "rule-eq-df:2"
425AOT_theorem "rule-eq-df:3": assumes φ df ψ and ψ shows φ
426  using "≡Df" "≡E"(2) assms by blast
427lemmas "≡dfI" = "rule-eq-df:3"
428
429AOT_theorem  "df-simplify:1": assumes φ  (ψ & χ) and ψ shows φ  χ
430  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
431(* TODO: this is a slight variation from PLM *)
432AOT_theorem  "df-simplify:2": assumes φ  (ψ & χ) and χ shows φ  ψ
433  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
434lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
435
436AOT_theorem "rule-ui:1": assumes α φ{α} and τ shows φ{τ}
437  using "→E" "cqt:1"[axiom_inst] assms by blast
438AOT_theorem "rule-ui:2[const_var]": assumes α φ{α} shows φ{β}
439  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
440(* TODO: precise proviso in PLM *)
441AOT_theorem "rule-ui:2[lambda]":
442  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
443  shows φ{ν1...νn ψ{ν1...νn}]}
444  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
445AOT_theorem "rule-ui:3": assumes α φ{α} shows φ{α}
446  by (simp add: "rule-ui:2[const_var]" assms)
447lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]" "rule-ui:2[lambda]" "rule-ui:3"
448
449AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β} by (simp add: "∀E"(2) "→I")
450AOT_theorem "cqt-orig:1[lambda]":
451  assumes INSTANCE_OF_CQT_2(ψ)
452  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
453  by (simp add: "∀E"(3) "→I" assms)
454AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
455  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
456AOT_theorem "cqt-orig:3": α φ{α}  φ{α} using "cqt-orig:1[const_var]" .
457
458(* TODO: work out difference to GEN *)
459AOT_theorem universal: assumes for arbitrary β: φ{β} shows α φ{α}
460  using GEN assms .
461lemmas "∀I" = universal
462
463(* Generalized mechanism for "∀I" followed by ∀E *)
464ML465fun get_instantiated_allI ctxt varname thm = let
466val trm = Thm.concl_of thm
467val trm = case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
468                      | _ => raise Term.TERM ("Expected simple theorem.", [trm])
469fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
470    (if fst (fst v) = fst varname then [Var v] else []) (* TODO: care about the index? *)
471  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
472  | extractVars (Abs (_, _, t)) = extractVars t
473  | extractVars _ = []
474val vars = extractVars trm
475val vars = fold Term.add_vars vars []
476val var = hd vars
477val trmty = case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
478              | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
479val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
480      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
481       $ Var var, trm))
482val trm = Thm.cterm_of (Context.proof_of ctxt) trm
483val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
484val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
485val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
486val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
487val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
488in
489allthm
490end
491
492
493attribute_setup "∀I" =
494  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
495  (fn ctxt => fn thm => fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm))
496  "Quantify over a variable in a theorem using GEN."
497
498attribute_setup "unvarify" =
499  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
500  (fn ctxt => fn thm =>
501    let
502    val thm = fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm
503    val thm = fold (fn _ => fn thm => thm RS @{thm "∀E"(1)}) args thm
504    in
505     thm
506    end))
507  "Generalize a statement about variables to a statement about denoting terms."
508
509(* TODO: rereplace-lem does not apply to the embedding *)
510
511AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
512  by (metis "≡I" "∀E"(2) "∀I" "→I")
513
514AOT_theorem "cqt-basic:2": α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
515proof (rule "≡I"; rule "→I")
516  AOT_assume α(φ{α}  ψ{α})
517  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
518  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
519    using "≡E"(1,2) "→I" by blast+
520  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
521    by (auto intro: "&I" "∀I")
522next
523  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
524  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
525    using "∀E"(2) "&E" by blast+
526  AOT_hence φ{α}  ψ{α} for α
527    using "≡I" by blast
528  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
529qed
530
531AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
532proof(rule "→I")
533  AOT_assume α(φ{α}  ψ{α})
534  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
535  {
536    AOT_assume α φ{α}
537    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
538  }
539  moreover {
540    AOT_assume α ψ{α}
541    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
542  }
543  ultimately AOT_show α φ{α}  α ψ{α}
544    using "≡I" "→I" by auto
545qed
546
547AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
548proof(rule "→I")
549  AOT_assume 0: α(φ{α} & ψ{α})
550  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
551  AOT_thus α φ{α} & α ψ{α}
552    by (auto intro: "∀I" "&I")
553qed
554
555AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
556  using "cqt-orig:3" by blast
557
558AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
559  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
560
561AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
562  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
563
564AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
565  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
566
567AOT_theorem "cqt-basic:9": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
568proof -
569  {
570    AOT_assume α (φ{α}  ψ{α})
571    moreover AOT_assume α (ψ{α}  χ{α})
572    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α using "∀E" by blast+
573    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
574    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
575  }
576  thus ?thesis using "&I" "→I" "&E" by meson
577qed
578
579AOT_theorem "cqt-basic:10": (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
580proof(rule "→I"; rule "∀I")
581  fix β
582  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
583  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
584  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
585qed
586
587AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
588proof (rule "≡I"; rule "→I")
589  AOT_assume 0: α(φ{α}  ψ{α})
590  {
591    fix α
592    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
593    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
594  }
595  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
596next
597  AOT_assume 0: α(ψ{α}  φ{α})
598  {
599    fix α
600    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
601    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
602  }
603  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
604qed
605
606AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
607  by (simp add: "∀E"(2) "→I" GEN)
608
609AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
610  using "≡I" "→I" by blast
611
612AOT_theorem "cqt-basic:14": (α1...∀αn (φ{α1...αn}  ψ{α1...αn}))  ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
613  using "cqt:3"[axiom_inst] by auto
614
615AOT_theorem "cqt-basic:15": (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
616  using "cqt-orig:2" by auto
617
618(* TODO: once more the same in the embedding... need to distinguish these better *)
619AOT_theorem "universal-cor": assumes for arbitrary β: φ{β}  shows α φ{α}
620  using GEN assms .
621
622AOT_theorem "existential:1": assumes φ{τ} and τ shows α φ{α}
623proof(rule "raa-cor:1")
624  AOT_assume ¬α φ{α}
625  AOT_hence α ¬φ{α}
626    using "≡dfI" "conventions:4" RAA "&I" by blast
627  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
628  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
629qed
630
631AOT_theorem "existential:2[const_var]": assumes φ{β} shows α φ{α}
632  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
633
634AOT_theorem "existential:2[lambda]":
635  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
636  shows α φ{α}
637  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
638lemmas "∃I" = "existential:1" "existential:2[const_var]" "existential:2[lambda]" 
639
640AOT_theorem "instantiation":
641  assumes for arbitrary β: φ{β}  ψ and α φ{α}
642  shows ψ
643  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
644lemmas "∃E" = "instantiation"
645
646AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
647  using "∀E"(4) "∃I"(2) "→I" by metis
648
649AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
650  using "∀I" "∃I"(2) "→I" RAA by metis
651
652AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
653  using "∀E"(4) "∃E" "→I" RAA
654  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
655
656AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
657  using "∀I" "∃I"(2)"→I" RAA by metis
658
659AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
660  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
661
662AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
663  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
664
665AOT_theorem "cqt-further:7": α φ{α}  β φ{β} (* TODO: vacuous in the embedding *)
666  by (simp add: "oth-class-taut:3:a")
667
668AOT_theorem "cqt-further:8": (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
669  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
670
671AOT_theorem "cqt-further:9": (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
672  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
673
674AOT_theorem "cqt-further:10": (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
675proof(rule "→I"; rule "raa-cor:2")
676  AOT_assume 0: α φ{α} & ¬α ψ{α}
677  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
678  moreover AOT_assume α (φ{α}  ψ{α})
679  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
680  AOT_hence α ψ{α} using "∃I" by blast
681  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
682qed
683
684AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
685  using "≡I" "→I" "∃I"(2) "∃E" by metis
686
687AOT_theorem "log-prop-prop:1":  φ]
688  using "cqt:2[lambda0]"[axiom_inst] by auto
689
690AOT_theorem "log-prop-prop:2": φ
691  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
692
693AOT_theorem "exist-nec": τ  τ
694proof -
695  AOT_have β β
696    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
697  AOT_thus τ  τ
698    using "cqt:1"[axiom_inst] "→E" by blast
699qed
700
701(* TODO: replace this mechanism by a "proof by types" command *)
702class AOT_Term_id = AOT_Term +
703  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
704      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
705
706instance κ :: AOT_Term_id
707proof
708  AOT_modally_strict {
709    AOT_show κ = κ'  κ for κ κ'
710    proof(rule "→I")
711      AOT_assume κ = κ'
712      AOT_hence O!κ  A!κ
713        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
714           (meson "→I" "∨I"(1) "&E"(1))+
715      AOT_thus κ
716        by (rule "∨E"(1))
717           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
718    qed
719  }
720next
721  AOT_modally_strict {
722    AOT_show κ = κ'  κ' for κ κ'
723    proof(rule "→I")
724      AOT_assume κ = κ'
725      AOT_hence O!κ'  A!κ'
726        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
727           (meson "→I" "∨I" "&E")+
728      AOT_thus κ'
729        by (rule "∨E"(1))
730           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
731    qed
732  }
733qed
734
735instance rel :: (AOT_κs) AOT_Term_id
736proof
737  AOT_modally_strict {
738    AOT_show Π = Π'  Π for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
739    proof(rule "→I")
740      AOT_assume Π = Π'
741      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
742    qed
743  }
744next
745  AOT_modally_strict {
746    AOT_show Π = Π'  Π' for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
747    proof(rule "→I")
748      AOT_assume Π = Π'
749      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
750    qed
751  }
752qed
753
754instance 𝗈 :: AOT_Term_id
755proof
756  AOT_modally_strict {
757    fix φ ψ
758    AOT_show φ = ψ  φ
759    proof(rule "→I")
760      AOT_assume φ = ψ
761      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
762    qed
763  }
764next
765  AOT_modally_strict {
766    fix φ ψ
767    AOT_show φ = ψ  ψ
768    proof(rule "→I")
769      AOT_assume φ = ψ
770      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
771    qed
772  }
773qed
774
775instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
776proof
777  AOT_modally_strict {
778    fix τ τ' :: 'a×'b
779    AOT_show τ = τ'  τ
780    proof (induct τ; induct τ'; rule "→I")
781      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
782      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
783      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
784      AOT_hence τ1 and τ2 using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
785      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
786    qed
787  }
788next
789  AOT_modally_strict {
790    fix τ τ' :: 'a×'b
791    AOT_show τ = τ'  τ'
792    proof (induct τ; induct τ'; rule "→I")
793      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
794      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
795      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
796      AOT_hence τ1' and τ2' using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
797      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
798    qed
799  }
800qed
801
802(* TODO: this is the end of the "proof by types" and makes the results available on new theorems *)
803AOT_register_type_constraints
804  Term: _::AOT_Term_id› _::AOT_Term_id›
805AOT_register_type_constraints
806  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
807AOT_register_type_constraints
808  Relation: <_::{AOT_κs, AOT_Term_id}>
809
810AOT_theorem "id-rel-nec-equiv:1": Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
811proof(rule "→I")
812  AOT_assume assumption: Π = Π'
813  AOT_hence Π and Π'
814    using "t=t-proper:1" "t=t-proper:2" MP by blast+
815  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn))  x1...∀xn ([F]x1...xn  [G]x1...xn)))
816    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
817  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn))
818    using "∀E"(1) by blast
819  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
820    using assumption "→E" by blast
821  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
822    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
823  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
824    using "→E" by blast
825qed
826
827AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
828proof(rule "→I")
829  AOT_assume assumption: φ = ψ
830  AOT_hence φ and ψ
831    using "t=t-proper:1" "t=t-proper:2" MP by blast+
832  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
833    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
834  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
835    using "∀E"(1) by blast
836  AOT_hence (φ  φ)  (φ  ψ)
837    using assumption "→E" by blast
838  moreover AOT_have (φ  φ)
839    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
840  ultimately AOT_show (φ  ψ)
841    using "→E" by blast
842qed
843
844AOT_theorem "rule=E": assumes φ{τ} and τ = σ shows φ{σ}
845proof -
846  AOT_have τ and σ using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
847  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
848    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
849  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
850    using "∀E"(1) by blast
851  AOT_thus φ{σ} using assms "→E" by blast
852qed
853
854AOT_theorem "propositions-lemma:1":  φ] = φ
855proof -
856  AOT_have φ by (simp add: "log-prop-prop:2")
857  moreover AOT_have p  p] = p using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
858  ultimately AOT_show  φ] = φ
859    using "∀E" by blast
860qed
861
862AOT_theorem "propositions-lemma:2":  φ]  φ
863proof -
864  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
865  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
866qed
867
868(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
869
870AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
871  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
872
873(* dr-alphabetic-rules does not apply *)
874
875AOT_theorem "oa-exist:1": O!
876proof -
877  AOT_have x [E!]x] by "cqt:2[lambda]"
878  AOT_hence 1: O! = x [E!]x] using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
879  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
880qed
881
882AOT_theorem "oa-exist:2": A!
883proof -
884  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
885  AOT_hence 1: A! = x ¬[E!]x] using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
886  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
887qed
888
889AOT_theorem "oa-exist:3": O!x  A!x
890proof(rule "raa-cor:1")
891  AOT_assume ¬(O!x  A!x)
892  AOT_hence A: ¬O!x and B: ¬A!x
893    using "Disjunction Addition"(1) "modus-tollens:1" "∨I"(2) "raa-cor:5" by blast+
894  AOT_have C: O! = x [E!]x]
895    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
896  AOT_have D: A! = x ¬[E!]x]
897    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
898  AOT_have E: ¬x [E!]x]x
899    using A C "rule=E" by fast
900  AOT_have F: ¬x ¬[E!]x]x
901    using B D "rule=E" by fast
902  AOT_have G: x [E!]x]x  [E!]x
903    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
904  AOT_have H: x ¬[E!]x]x  ¬[E!]x
905    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
906  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
907qed
908
909AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
910proof -
911  AOT_have F = G  F & G & x(x[F]  x[G])
912    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
913  moreover AOT_have F and G
914    by (auto simp: "cqt:2[const_var]"[axiom_inst])
915  ultimately AOT_show F = G  x(x[F]  x[G])
916    using "≡S"(1) "&I" by blast
917qed
918
919AOT_theorem "p-identity-thm2:2[2]": F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
920proof -
921  AOT_have F = G  F & G & y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
922    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
923  moreover AOT_have F and G
924    by (auto simp: "cqt:2[const_var]"[axiom_inst])
925  ultimately show ?thesis
926    using "≡S"(1) "&I" by blast
927qed
928    
929AOT_theorem "p-identity-thm2:2[3]": F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
930proof -
931  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
932    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
933  moreover AOT_have F and G
934    by (auto simp: "cqt:2[const_var]"[axiom_inst])
935  ultimately show ?thesis
936    using "≡S"(1) "&I" by blast
937qed
938
939AOT_theorem "p-identity-thm2:2[4]": F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
940proof -
941  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
942    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
943  moreover AOT_have F and G
944    by (auto simp: "cqt:2[const_var]"[axiom_inst])
945  ultimately show ?thesis
946    using "≡S"(1) "&I" by blast
947qed
948
949AOT_theorem "p-identity-thm2:2":
950  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
951proof -
952  AOT_have F = G  F & G & x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
953    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
954  moreover AOT_have F and G
955    by (auto simp: "cqt:2[const_var]"[axiom_inst])
956  ultimately show ?thesis
957    using "≡S"(1) "&I" by blast
958qed
959
960AOT_theorem "p-identity-thm2:3":
961  p = q  x p] = x q]
962proof -
963  AOT_have p = q  p & q & x p] = x q]
964    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
965  moreover AOT_have p and q
966    by (auto simp: "cqt:2[const_var]"[axiom_inst])
967  ultimately show ?thesis
968    using "≡S"(1) "&I" by blast
969qed
970
971class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
972
973instance κ :: AOT_Term_id_2
974proof
975  AOT_modally_strict {
976    fix x
977    {
978      AOT_assume O!x
979      moreover AOT_have F([F]x  [F]x)
980        using RN GEN "oth-class-taut:3:a" by fast
981      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
982    }
983    moreover {
984      AOT_assume A!x
985      moreover AOT_have F(x[F]  x[F])
986        using RN GEN "oth-class-taut:3:a" by fast
987      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
988    }
989    ultimately AOT_have (O!x & O!x & F([F]x  [F]x))  (A!x & A!x & F(x[F]  x[F]))
990      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
991    AOT_thus x = x
992      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
993  }
994qed
995
996instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
997proof
998  AOT_modally_strict {
999    fix F :: "<'a> AOT_var"
1000    AOT_have 0: x1...xn [F]x1...xn] = F
1001      by (simp add: "lambda-predicates:3"[axiom_inst])
1002    AOT_have x1...xn [F]x1...xn]
1003      by "cqt:2[lambda]"
1004    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1005      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1006    AOT_show F = F using "rule=E" 0 by force 
1007  }
1008qed
1009
1010instance 𝗈 :: AOT_Term_id_2
1011proof
1012  AOT_modally_strict {
1013    fix p
1014    AOT_have 0:  p] = p
1015      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1016    AOT_have  p]
1017      by (rule "cqt:2[lambda0]"[axiom_inst])
1018    AOT_hence  p] =  p]
1019      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1020    AOT_show p = p using "rule=E" 0 by force
1021  }
1022qed
1023
1024instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1025proof
1026  AOT_modally_strict {
1027    fix α :: ('a×'b) AOT_var›
1028    AOT_show α = α
1029    proof (induct)
1030      AOT_show τ = τ if τ for τ :: 'a×'b
1031        using that
1032      proof (induct τ)
1033        fix τ1 :: 'a and τ2 :: 'b
1034        AOT_assume «(τ1,τ2)»
1035        AOT_hence τ1 and τ2 using "≡dfE" "&E" tuple_denotes by blast+
1036        AOT_hence τ1 = τ1 and τ2 = τ2 using "id-eq:1"[unvarify α] by blast+
1037        AOT_thus «(τ1, τ2)» = «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_identity_1)
1038      qed
1039    qed
1040  }
1041qed
1042
1043AOT_register_type_constraints
1044  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1045AOT_register_type_constraints
1046  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1047AOT_register_type_constraints
1048  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1049
1050(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1051AOT_theorem "id-eq:2": α = β  β = α
1052(*
1053  TODO: look at this proof generated using:
1054        including AOT_no_atp sledgehammer[isar_proofs = true]
1055proof -
1056  have "(∃φ. [v ⊨ ~β = α → ~φ] ∧ [v ⊨ α = β → φ]) ∨ (∃φ. ¬ [v ⊨ φ{α} → φ{β}])"
1057    by meson
1058  then show ?thesis
1059    by (meson "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" l_"identity:1" "useful-tautologies:1")
1060qed
1061*)
1062(*  by (meson "rule=E" "deduction-theorem") *)
1063proof (rule "→I")
1064  AOT_assume α = β
1065  moreover AOT_have β = β using calculation "rule=E"[of _ "λ τ . «τ = β»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1066  moreover AOT_have α = α  α = α using "if-p-then-p" by blast
1067  ultimately AOT_show β = α
1068    using "→E" "→I" "rule=E"[of _ "λ τ . «(τ = τ)  (τ = α)»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1069qed
1070
1071AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1072  using "rule=E" "→I" "&E" by blast
1073
1074AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1075proof (rule "≡I"; rule "→I")
1076  AOT_assume 0: α = β
1077  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1078  AOT_show γ (α = γ  β = γ)
1079    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1080next
1081  AOT_assume γ (α = γ  β = γ)
1082  AOT_hence α = α  β = α using "∀E"(2) by blast
1083  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1084  AOT_hence β = α using "id-eq:1" "→E" by blast
1085  AOT_thus α = β using "id-eq:2" "→E" by blast
1086qed
1087
1088AOT_theorem "rule=I:1": assumes τ shows τ = τ
1089proof -
1090  AOT_have α (α = α)
1091    by (rule GEN) (metis "id-eq:1")
1092  AOT_thus τ = τ using assms "∀E" by blast
1093qed
1094
1095AOT_theorem "rule=I:2[const_var]": "α = α"
1096  using "id-eq:1".
1097
1098AOT_theorem "rule=I:2[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1099proof -
1100  AOT_have α (α = α)
1101    by (rule GEN) (metis "id-eq:1")
1102  moreover AOT_have ν1...νn φ{ν1...νn}] using assms by (rule "cqt:2[lambda]"[axiom_inst])
1103  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}] using assms "∀E" by blast
1104qed
1105
1106lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1107
1108AOT_theorem "rule-id-df:1":
1109  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1110  shows τ{τ1...τn} = σ{τ1...τn}
1111proof -
1112  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1113    using "df-rules-terms[3]" assms(1) "&E" by blast
1114  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1115    using assms(2) "→E" by blast
1116qed
1117
1118AOT_theorem "rule-id-df:1[zero]":
1119  assumes τ =df σ and σ
1120  shows τ = σ
1121proof -
1122  AOT_have σ  τ = σ
1123    using "df-rules-terms[4]" assms(1) "&E" by blast
1124  AOT_thus τ = σ
1125    using assms(2) "→E" by blast
1126qed
1127
1128AOT_theorem "rule-id-df:2:a":
1129  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1130  shows φ{σ{τ1...τn}}
1131proof -
1132  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1133  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1134qed
1135
1136(* TODO: get rid of this, ideally *)
1137AOT_theorem "rule-id-df:2:a[2]":
1138  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{τ{«(τ1,τ2)»}}
1139  shows φ{σ{«(τ1,τ2)»}}
1140proof -
1141  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1142  proof -
1143    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1144      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1145    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1146      using assms(2) "→E" by blast
1147  qed
1148  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1149qed
1150
1151AOT_theorem "rule-id-df:2:a[zero]":
1152  assumes τ =df σ and σ and φ{τ}
1153  shows φ{σ}
1154proof -
1155  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1156  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1157qed
1158
1159lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1160
1161AOT_theorem "rule-id-df:2:b":
1162  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1163  shows φ{τ{τ1...τn}}
1164proof -
1165  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1166  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1167    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1168  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1169qed
1170
1171(* TODO: get rid of this, ideally *)
1172AOT_theorem "rule-id-df:2:b[2]":
1173  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{σ{«(τ1,τ2)»}}
1174  shows φ{τ{«(τ1,τ2)»}}
1175proof -
1176  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1177  proof -
1178    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1179      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1180    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1181      using assms(2) "→E" by blast
1182  qed
1183  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1184    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1185  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1186qed
1187
1188AOT_theorem "rule-id-df:2:b[zero]":
1189  assumes τ =df σ and σ and φ{σ}
1190  shows φ{τ}
1191proof -
1192  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1193  AOT_hence σ = τ
1194    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1195  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1196qed
1197
1198lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1199
1200AOT_theorem "free-thms:1": τ  β (β = τ)
1201  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1202
1203AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1204  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1205
1206AOT_theorem "free-thms:3[const_var]": β (β = α)
1207  by (meson "∃I"(2) "id-eq:1")
1208
1209AOT_theorem "free-thms:3[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows β (β = ν1...νn φ{ν1...νn}])
1210  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1211
1212AOT_theorem "free-thms:4[rel]": ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1213  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1214
1215(* TODO: this is a rather weird way to formulate this and we don't have tuple-existential-elimination
1216         or tuple-equality-elimination in the theory... Splitting them is also a bit unfortunate, though.*)
1217AOT_theorem "free-thms:4[vars]": ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1218  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1219
1220AOT_theorem "free-thms:4[1,rel]": ([Π]κ  κ[Π])  β (β = Π)
1221  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1222AOT_theorem "free-thms:4[1,1]": ([Π]κ  κ[Π])  β (β = κ)
1223  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1224
1225AOT_theorem "free-thms:4[2,rel]": ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1226  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1227AOT_theorem "free-thms:4[2,1]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1228  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1229AOT_theorem "free-thms:4[2,2]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1230  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1231AOT_theorem "free-thms:4[3,rel]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1232  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1233AOT_theorem "free-thms:4[3,1]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1234  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1235AOT_theorem "free-thms:4[3,2]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1236  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1237AOT_theorem "free-thms:4[3,3]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1238  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1239AOT_theorem "free-thms:4[4,rel]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1240  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1241AOT_theorem "free-thms:4[4,1]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1242  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1243AOT_theorem "free-thms:4[4,2]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1244  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1245AOT_theorem "free-thms:4[4,3]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1246  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1247AOT_theorem "free-thms:4[4,4]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1248  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1249
1250AOT_theorem "ex:1:a": α α
1251  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1252AOT_theorem "ex:1:b": αβ(β = α)
1253  by (rule GEN) (fact "free-thms:3[const_var]")
1254
1255AOT_theorem "ex:2:a": α
1256  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1257AOT_theorem "ex:2:b": β(β = α)
1258  by (rule RN) (fact "free-thms:3[const_var]")
1259
1260AOT_theorem "ex:3:a": α α
1261  by (rule RN) (fact "ex:1:a")
1262AOT_theorem "ex:3:b": αβ(β = α)
1263  by (rule RN) (fact "ex:1:b")
1264
1265AOT_theorem "ex:4:a": α α
1266  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1267AOT_theorem "ex:4:b": αβ(β = α)
1268  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1269
1270AOT_theorem "ex:5:a": α α
1271  by (rule RN) (simp add: "ex:4:a")
1272AOT_theorem "ex:5:b": αβ(β = α)
1273  by (rule RN) (simp add: "ex:4:b")
1274
1275AOT_theorem "all-self=:1": α(α = α)
1276  by (rule RN; rule GEN) (fact "id-eq:1")
1277AOT_theorem "all-self=:2": α(α = α)
1278  by (rule GEN; rule RN) (fact "id-eq:1")
1279
1280AOT_theorem "id-nec:1": α = β  (α = β)
1281proof(rule "→I")
1282  AOT_assume α = β
1283  moreover AOT_have (α = α)
1284    by (rule RN) (fact "id-eq:1")
1285  ultimately AOT_show (α = β) using "rule=E" by fast
1286qed
1287
1288AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1289proof(rule "→I")
1290  AOT_assume asm: τ = σ
1291  moreover AOT_have τ
1292    using calculation "t=t-proper:1" "→E" by blast
1293  moreover AOT_have (τ = τ)
1294    using calculation "all-self=:2" "∀E"(1) by blast
1295  ultimately AOT_show (τ = σ) using "rule=E" by fast
1296qed
1297
1298AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1299proof (rule "≡I"; rule "→I")
1300  AOT_assume asm: φ{α}
1301  AOT_show β (β = α & φ{β})
1302    by (rule "∃I"(2)[where β=α]; rule "&I")
1303       (auto simp: "id-eq:1" asm)
1304next
1305  AOT_assume 0: β (β = α & φ{β})
1306  (* TODO: have another look at this instantiation. Ideally AOT_obtain would resolve directly to the existential
1307           statement as proof obligation *)
1308  AOT_obtain β where β = α & φ{β} using "instantiation"[rotated, OF 0] by blast
1309  AOT_thus φ{α} using "&E" "rule=E" by blast
1310qed
1311
1312AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1313proof(rule "→I")
1314  AOT_assume τ
1315  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1316    by (rule GEN) (fact "term-out:1")
1317  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1318    using "∀E" by blast
1319qed
1320
1321(* TODO: example of an apply-style proof. Keep or reformulate? *)
1322AOT_theorem "term-out:3": (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1323  apply (rule "≡I"; rule "→I")
1324   apply (frule "&E"(1)) apply (drule "&E"(2))
1325   apply (rule GEN; rule "≡I"; rule "→I")
1326  using "rule-ui:2[const_var]" "vdash-properties:5" apply blast
1327  apply (meson "rule=E" "id-eq:1")
1328  apply (rule "&I")
1329  using "id-eq:1" "≡E"(2) "rule-ui:3" apply blast
1330  apply (rule GEN; rule "→I")
1331  using "≡E"(1) "rule-ui:2[const_var]" by blast
1332
1333AOT_theorem "term-out:4": (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1334  using "term-out:3" . (* TODO: same as above - another instance of the generalized alphabetic variant rule... *)
1335
1336(* TODO: would of course be nice to define it without the syntax magic *)
1337AOT_define AOT_exists_unique :: ‹α  φ  φ›
1338  "uniqueness:1": «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1339syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1340AOT_syntax_print_translations
1341  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1342syntax
1343   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ› (∃!_...∃!_ _› [1,40])
1344parse_ast_translation[(syntax_const‹_AOT_exists_unique_ellipse›, fn ctx => fn [a,b,c] =>
1345  Ast.mk_appl (Ast.Constant "AOT_exists_unique") [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1346(syntax_const‹_AOT_exists_unique›,AOT_restricted_binder const_name‹AOT_exists_unique› const_syntax‹AOT_conj›)]
1347print_translationAOT_syntax_print_translations
1348  [AOT_preserve_binder_abs_tr' const_syntax‹AOT_exists_unique› syntax_const‹_AOT_exists_unique› (syntax_const‹_AOT_exists_unique_ellipse›, true) const_name‹AOT_conj›,
1349  AOT_binder_trans @{theory} @{binding "AOT_exists_unique_binder"} syntax_const‹_AOT_exists_unique›]
1350
1351
1352
1353context AOT_meta_syntax
1354begin
1355notation AOT_exists_unique (binder "!" 20)
1356end
1357context AOT_no_meta_syntax
1358begin
1359no_notation AOT_exists_unique (binder "!" 20)
1360end
1361
1362AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1363proof(rule "≡I"; rule "→I")
1364    AOT_assume ∃!α φ{α}
1365    AOT_hence α (φ{α} & β (φ{β}  β = α))
1366      using "uniqueness:1" "≡dfE" by blast
1367    then AOT_obtain α where φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1368    AOT_hence β(φ{β}  β = α) using "term-out:3" "≡E" by blast
1369    AOT_thus αβ(φ{β}  β = α)
1370      using "∃I" by fast
1371next
1372    AOT_assume αβ(φ{β}  β = α)
1373    then AOT_obtain α where β (φ{β}  β = α) using "instantiation"[rotated] by blast
1374    AOT_hence φ{α} & β (φ{β}  β = α) using "term-out:3" "≡E" by blast
1375    AOT_hence α (φ{α} & β (φ{β}  β = α))
1376      using "∃I" by fast
1377    AOT_thus ∃!α φ{α}
1378      using "uniqueness:1" "≡dfI" by blast
1379qed
1380
1381AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1382proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1383  fix β γ
1384  AOT_assume ∃!α φ{α}
1385  AOT_hence αβ(φ{β}  β = α)
1386    using "uniqueness:2" "≡E" by blast
1387  then AOT_obtain α where β(φ{β}  β = α)
1388    using "instantiation"[rotated] by blast
1389  moreover AOT_assume φ{β} & φ{γ}
1390  ultimately AOT_have β = α and γ = α
1391    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1392  AOT_thus β = γ
1393    by (metis "rule=E" "id-eq:2" "→E")
1394qed
1395
1396AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1397proof (rule "→I"; rule "→I")
1398  AOT_assume a: α(φ{α}  φ{α})
1399  AOT_assume ∃!α φ{α}
1400  AOT_hence α (φ{α} & β (φ{β}  β = α)) using "uniqueness:1" "≡dfE" by blast
1401  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1402  AOT_have φ{α}
1403    using ξ a "&E" "∀E" "→E" by fast
1404  moreover AOT_have β (φ{β}  β = α)
1405    apply (rule GEN; rule "→I")
1406    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
1407  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1408    using "&I" by blast
1409  AOT_thus ∃!α φ{α}
1410    using "uniqueness:1" "≡dfI" "∃I" by fast
1411qed
1412
1413AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1414  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1415
1416AOT_theorem "nec-imp-act": φ  𝒜φ
1417  by (metis "act-cond" "contraposition:1[2]" "≡E"(4) "qml:2"[THEN act_closure, axiom_inst] "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1418
1419AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1420  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] by blast
1421
1422AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1423  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] RAA(1))
1424
1425AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1426proof -
1427  AOT_have (φ  (ψ  (φ & ψ)))
1428    by (rule RN) (fact Adjunction)
1429  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1430    using "nec-imp-act" "→E" by blast
1431  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1432    using "act-cond" "→E" by blast
1433  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1434    by (fact "act-cond")
1435  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1436    using "→I" "→E" by metis
1437  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1438    by (metis Importation "→E")
1439qed
1440
1441AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1442proof -
1443  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1444    by (fact "act-conj-act:3")
1445  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1446    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1447  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1448    using "→E" by blast
1449  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1450    using "conventions:3"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst] by blast
1451  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1452    using "act-cond" "→E" by blast
1453  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1454qed
1455
1456(* TODO: consider introducing AOT_inductive *)
1457inductive arbitrary_actualization for φ where
1458  arbitrary_actualization φ «𝒜φ»
1459| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1460declare arbitrary_actualization.cases[AOT] arbitrary_actualization.induct[AOT]
1461        arbitrary_actualization.simps[AOT] arbitrary_actualization.intros[AOT]
1462syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop› ("ARBITRARY'_ACTUALIZATION'(_,_')")
1463
1464notepad
1465begin
1466  AOT_modally_strict {
1467    fix φ
1468    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1469      using AOT_PLM.arbitrary_actualization.intros by metis
1470    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1471      using AOT_PLM.arbitrary_actualization.intros by metis
1472    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1473      using AOT_PLM.arbitrary_actualization.intros by metis
1474  }
1475end
1476
1477
1478AOT_theorem "closure-act:1": assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ) shows ψ
1479using assms proof(induct)
1480  case 1
1481  AOT_show 𝒜(𝒜φ  φ)
1482    by (simp add: "act-conj-act:4")
1483next
1484  case (2 ψ)
1485  AOT_thus 𝒜ψ
1486    by (metis arbitrary_actualization.simps "≡E"(1) "logic-actual-nec:4"[axiom_inst])
1487qed
1488
1489AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1490  by (simp add: "act-conj-act:4" "∀I")
1491
1492AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1493  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "logic-actual-nec:3"[axiom_inst] "logic-actual-nec:4"[axiom_inst] "∀I")
1494
1495AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1496  using "closure-act:3" .
1497
1498(* TODO: examine these proofs *)
1499AOT_theorem "RA[1]": assumes  φ shows  𝒜φ
1500  (* This proof is the one rejected in remark (136) (meta-rule) *)
1501  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst] "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1502AOT_theorem "RA[2]": assumes  φ shows 𝒜φ
1503  (* This is actually Γ ⊢ φ ⟹ □Γ ⊢ 𝒜φ*)
1504  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1505AOT_theorem "RA[3]": assumes Γ  φ shows 𝒜Γ  𝒜φ
1506  using assms by (meson AOT_sem_act imageI)
1507  (* This is not exactly right either. *)
1508
1509AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1510  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem" "≡I" "logic-actual"[act_axiom_inst])
1511
1512AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1513  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1" "useful-tautologies:2" by blast
1514
1515AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1516  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1517
1518AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1519proof (rule "≡I"; rule "→I")
1520  AOT_assume 𝒜(φ & ψ)
1521  moreover AOT_have 𝒜((φ & ψ)  φ)
1522    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1523  moreover AOT_have 𝒜((φ & ψ)  ψ)
1524    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1525  ultimately AOT_show 𝒜φ & 𝒜ψ
1526    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1527next
1528  AOT_assume 𝒜φ & 𝒜ψ
1529  AOT_thus 𝒜(φ & ψ)
1530    using "act-conj-act:3" "vdash-properties:6" by blast
1531qed
1532
1533AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1534proof (rule "≡I"; rule "→I")
1535  AOT_assume 𝒜(φ  ψ)
1536  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1537    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1538  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1539    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1540  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1541    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1542next
1543  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1544  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1545    by (metis "act-conj-act:3" "vdash-properties:10")
1546  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1547    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]" "vdash-properties:1[2]")
1548  ultimately AOT_show 𝒜(φ  ψ)
1549    using "act-cond"[THEN "→E", THEN "→E"] by metis
1550qed
1551
1552AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1553proof (rule "≡I"; rule "→I")
1554  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1555  AOT_show 𝒜φ  𝒜ψ
1556    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1557next
1558  AOT_assume 𝒜φ  𝒜ψ
1559  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1560    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1561qed
1562
1563AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1564  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1565
1566AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1567  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1568
1569AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1570  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act" "qml-act:2"[axiom_inst])
1571
1572AOT_theorem "Act-Basic:8": φ  𝒜φ
1573  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1574
1575AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1576proof (rule "≡I"; rule "→I")
1577  AOT_assume 𝒜(φ  ψ)
1578  AOT_thus 𝒜φ  𝒜ψ
1579  proof (rule "raa-cor:3")
1580    AOT_assume ¬(𝒜φ  𝒜ψ)
1581    AOT_hence ¬𝒜φ & ¬𝒜ψ
1582      by (metis "≡E"(1) "oth-class-taut:5:d")
1583    AOT_hence 𝒜¬φ & 𝒜¬ψ
1584      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1585    AOT_hence 𝒜(¬φ & ¬ψ)
1586      using "≡E" "Act-Basic:2" by metis
1587    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1588      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1589    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1590      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1591    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1592    AOT_thus ¬𝒜(φ  ψ)
1593      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1594  qed
1595next
1596  AOT_assume 𝒜φ  𝒜ψ
1597  AOT_thus 𝒜(φ  ψ)
1598    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
1599qed
1600
1601AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1602proof -
1603  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1604    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1605       (metis "logic-actual-nec:3"[axiom_inst])
1606  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1607    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1608       (rule "logic-actual-nec:1"[THEN universal_closure, axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1609  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1610    using "conventions:4"[THEN "df-rules-formulas[1]", THEN act_closure, axiom_inst]
1611          "conventions:4"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst]
1612    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1613  also AOT_have   ¬𝒜α ¬φ{α}
1614    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1615  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1616  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1617  also AOT_have   α 𝒜 φ{α}
1618    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1619  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1620qed
1621
1622
1623AOT_theorem "Act-Basic:11": 𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1624proof(rule "≡I"; rule "→I")
1625  AOT_assume 𝒜α(φ{α}  ψ{α})
1626  AOT_hence α𝒜(φ{α}  ψ{α})
1627    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1628  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1629  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1630  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1631next
1632  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1633  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1634  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1635  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1636  AOT_thus 𝒜α(φ{α}  ψ{α})
1637    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1638qed
1639
1640AOT_act_theorem "act-quant-uniq": β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1641proof(rule "≡I"; rule "→I")
1642  AOT_assume β(𝒜φ{β}  β = α)
1643  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1644  AOT_hence φ{β}  β = α for β
1645    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1646    by metis
1647  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1648next
1649  AOT_assume β(φ{β}  β = α)
1650  AOT_hence φ{β}  β = α for β using "∀E" by blast
1651  AOT_hence 𝒜φ{β}  β = α for β
1652    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1653    by metis
1654  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
1655qed
1656
1657AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
1658  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
1659
1660AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
1661  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" "fund-cont-desc" "≡E"(5) by blast
1662
1663
1664locale russel_axiom =
1665  fixes ψ
1666  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
1667begin
1668AOT_act_theorem "russell-axiom": ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
1669proof -
1670  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
1671    using hintikka "∀I" by fast
1672  show ?thesis
1673  proof(rule "≡I"; rule "→I")
1674    AOT_assume c: ψ{ιx φ{x}}
1675    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1676    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1677    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1678    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a)) using b "∀E" by blast
1679    ultimately AOT_have φ{a} & z(φ{z}  z = a) using "≡E" by blast
1680    moreover AOT_have ψ{a}
1681    proof - 
1682      AOT_have 1: xy(x = y  y = x)
1683        by (simp add: "id-eq:2" "universal-cor")
1684      AOT_have a = ιx φ{x}   ιx φ{x} = a
1685        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1686           (auto simp: 1 d "universal-cor")
1687      AOT_thus ψ{a}
1688        using a_def c "rule=E" "→E" by blast
1689    qed
1690    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
1691    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
1692  next
1693    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
1694    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1695    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b)) using b "∀E" by blast
1696    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1697    AOT_hence b = ιx φ{x} using h "≡E" by blast
1698    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1699  qed
1700qed
1701end
1702
1703(* TODO: this nicely shows off using locales with the embedding, but maybe there is still a nicer way *)
1704(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these instantiation instead of referring
1705         to cqt:5:a - should be fixed *)
1706interpretation "russell-axiom[exe,1]": russel_axiom λ κ . «[Π]κ»
1707  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
1708interpretation "russell-axiom[exe,2,1,1]": russel_axiom λ κ . «[Π]κκ'»
1709  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
1710interpretation "russell-axiom[exe,2,1,2]": russel_axiom λ κ . «[Π]κ'κ»
1711  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1712interpretation "russell-axiom[exe,2,2]": russel_axiom λ κ . «[Π]κκ»
1713  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1714interpretation "russell-axiom[exe,3,1,1]": russel_axiom λ κ . «[Π]κκ'κ''»
1715  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1716interpretation "russell-axiom[exe,3,1,2]": russel_axiom λ κ . «[Π]κ'κκ''»
1717  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1718interpretation "russell-axiom[exe,3,1,3]": russel_axiom λ κ . «[Π]κ'κ''κ»
1719  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1720interpretation "russell-axiom[exe,3,2,1]": russel_axiom λ κ . «[Π]κκκ'»
1721  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1722interpretation "russell-axiom[exe,3,2,2]": russel_axiom λ κ . «[Π]κκ'κ»
1723  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1724interpretation "russell-axiom[exe,3,2,3]": russel_axiom λ κ . «[Π]κ'κκ»
1725  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1726interpretation "russell-axiom[exe,3,3]": russel_axiom λ κ . «[Π]κκκ»
1727  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1728
1729interpretation "russell-axiom[enc,1]": russel_axiom λ κ . «κ[Π]»
1730  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
1731interpretation "russell-axiom[enc,2,1]": russel_axiom λ κ . «κκ'[Π]»
1732  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
1733interpretation "russell-axiom[enc,2,2]": russel_axiom λ κ . «κ'κ[Π]»
1734  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1735interpretation "russell-axiom[enc,2,3]": russel_axiom λ κ . «κκ[Π]»
1736  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1737interpretation "russell-axiom[enc,3,1,1]": russel_axiom λ κ . «κκ'κ''[Π]»
1738  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1739interpretation "russell-axiom[enc,3,1,2]": russel_axiom λ κ . «κ'κκ''[Π]»
1740  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1741interpretation "russell-axiom[enc,3,1,3]": russel_axiom λ κ . «κ'κ''κ[Π]»
1742  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1743interpretation "russell-axiom[enc,3,2,1]": russel_axiom λ κ . «κκκ'[Π]»
1744  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1745interpretation "russell-axiom[enc,3,2,2]": russel_axiom λ κ . «κκ'κ[Π]»
1746  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1747interpretation "russell-axiom[enc,3,2,3]": russel_axiom λ κ . «κ'κκ[Π]»
1748  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1749interpretation "russell-axiom[enc,3,3]": russel_axiom λ κ . «κκκ[Π]»
1750  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1751
1752AOT_act_theorem "1-exists:1": ιx φ{x}  ∃!x φ{x}
1753proof(rule "≡I"; rule "→I")
1754  AOT_assume ιx φ{x}
1755  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1756  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1757  AOT_hence φ{a} & z (φ{z}  z = a) using hintikka "≡E" by blast
1758  AOT_hence x (φ{x} & z (φ{z}  z = x)) by (rule "∃I")
1759  AOT_thus ∃!x φ{x} using "uniqueness:1"[THEN "≡dfI"] by blast
1760next
1761  AOT_assume ∃!x φ{x}
1762  AOT_hence x (φ{x} & z (φ{z}  z = x))
1763    using "uniqueness:1"[THEN "≡dfE"] by blast
1764  then AOT_obtain b where φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
1765  AOT_hence b = ιx φ{x} using hintikka "≡E" by blast
1766  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1767qed
1768
1769AOT_act_theorem "1-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
1770  using "1-exists:1" "free-thms:1" "≡E"(6) by blast
1771
1772AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
1773  using "&E"(1) "→I" hintikka "≡E"(1) by blast
1774
1775AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1". (* TODO: same as above *)
1776
1777AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
1778proof(rule "→I")
1779  AOT_assume ιx φ{x}
1780  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1781  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1782  moreover AOT_have φ{a} using calculation hintikka "≡E"(1) "&E" by blast
1783  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
1784qed
1785
1786AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
1787  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
1788
1789
1790AOT_theorem "act-quant-nec": β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
1791proof(rule "≡I"; rule "→I")
1792  AOT_assume β (𝒜φ{β}  β = α)
1793  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1794  AOT_hence 𝒜𝒜φ{β}  β = α for β 
1795    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1796  AOT_thus β(𝒜𝒜φ{β}  β = α)
1797    by (rule "∀I")
1798next
1799  AOT_assume β(𝒜𝒜φ{β}  β = α)
1800  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
1801  AOT_hence 𝒜φ{β}  β = α for β
1802    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1803  AOT_thus β (𝒜φ{β}  β = α)
1804    by (rule "∀I")
1805qed
1806
1807AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
1808proof -
1809  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)  using descriptions[axiom_inst] by blast
1810  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
1811  proof(rule "≡I"; rule "→I"; rule "∀I")
1812    AOT_assume z (𝒜φ{z}  z = x)
1813    AOT_hence 𝒜φ{a}  a = x for a using "∀E" by blast
1814    AOT_thus 𝒜𝒜φ{a}  a = x for a by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1815  next
1816    AOT_assume z (𝒜𝒜φ{z}  z = x)
1817    AOT_hence 𝒜𝒜φ{a}  a = x for a using "∀E" by blast
1818    AOT_thus 𝒜φ{a}  a = x for a  by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1819  qed
1820  also AOT_have ...  x = ιx(𝒜φ{x})
1821    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
1822  finally show ?thesis .
1823qed
1824
1825AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
1826proof(rule "→I")
1827  AOT_assume ιx φ{x}
1828  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1829  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1830  moreover AOT_have a = ιx(𝒜φ{x}) using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
1831  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x}) using "rule=E" by fast
1832qed
1833
1834AOT_theorem "nec-hintikka-scheme": x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
1835proof -
1836  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x) using descriptions[axiom_inst] by blast
1837  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
1838    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
1839  finally show ?thesis.
1840qed
1841
1842AOT_theorem "equiv-desc-eq:1": 𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1843proof(rule "→I"; rule "∀I")
1844  fix β
1845  AOT_assume 𝒜x(φ{x}  ψ{x})
1846  AOT_hence 𝒜(φ{x}  ψ{x}) for x using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
1847  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x by (metis "Act-Basic:5" "≡E"(1))
1848  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β) using "nec-hintikka-scheme" by blast
1849  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1850  proof (rule "≡I"; rule "→I")
1851    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
1852    AOT_hence 𝒜φ{z}  z = β for z using "&E" "∀E" by blast
1853    AOT_hence 𝒜ψ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1854    AOT_hence z(𝒜ψ{z}  z = β) using "∀I" by fast
1855    moreover AOT_have 𝒜ψ{β} using "&E" 0[THEN "≡E"(1)] 1 by blast
1856    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β) using "&I" by blast
1857  next
1858    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1859    AOT_hence 𝒜ψ{z}  z = β for z using "&E" "∀E" by blast
1860    AOT_hence 𝒜φ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1861    AOT_hence z(𝒜φ{z}  z = β) using "∀I" by fast
1862    moreover AOT_have 𝒜φ{β} using "&E" 0[THEN "≡E"(2)] 1 by blast
1863    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β) using "&I" by blast
1864  qed
1865  also AOT_have ...  β = ιx ψ{x}
1866    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
1867  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
1868qed
1869
1870AOT_theorem "equiv-desc-eq:2": ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1871proof(rule "→I")
1872  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
1873  AOT_hence 0: y (y = ιx φ{x}) and
1874            1: x (x = ιx φ{x}  x = ιx ψ{x})
1875    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
1876  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1877  moreover AOT_have a = ιx ψ{x} using calculation 1 "∀E" "≡E"(1) by fast
1878  ultimately AOT_show ιx φ{x} = ιx ψ{x}
1879    using "rule=E" by fast
1880qed
1881
1882AOT_theorem "equiv-desc-eq:3": ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1883  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E" "nec-imp-act"[THEN "→E"] by metis
1884
1885(* Note: this is a special case of "exist-nec" *)
1886AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
1887proof(rule "→I")
1888  AOT_assume ιx φ{x}
1889  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1890  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1891  AOT_thus ιx φ{x}
1892    using "ex:2:a" "rule=E" by fast
1893qed
1894
1895AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
1896proof(rule "→I")
1897  AOT_assume ιx φ{x}
1898  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1899  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1900  AOT_hence (a = ιx φ{x}) by (metis "id-nec:2" "vdash-properties:10")
1901  AOT_thus y (y = ιx φ{x}) by (rule "∃I")
1902qed
1903
1904AOT_act_theorem "equiv-desc-eq2:1": x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1905  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:1"[THEN "→E"]
1906        "RA[1]" "deduction-theorem" by blast
1907
1908AOT_act_theorem "equiv-desc-eq2:2": ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1909  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:2"[THEN "→E", OF "&I"]
1910        "RA[1]" "deduction-theorem" "&E" by metis
1911
1912context russel_axiom
1913begin
1914AOT_theorem "nec-russell-axiom": ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1915proof -
1916  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
1917    using "nec-hintikka-scheme" "∀I" by fast
1918  show ?thesis
1919  proof(rule "≡I"; rule "→I")
1920    AOT_assume c: ψ{ιx φ{x}}
1921    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1922    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1923    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1924    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a)) using b "∀E" by blast
1925    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) using "≡E" by blast
1926    moreover AOT_have ψ{a}
1927    proof - 
1928      AOT_have 1: xy(x = y  y = x)
1929        by (simp add: "id-eq:2" "universal-cor")
1930      AOT_have a = ιx φ{x}   ιx φ{x} = a
1931        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1932           (auto simp: d "universal-cor" 1)
1933      AOT_thus ψ{a}
1934        using a_def c "rule=E" "→E" by metis
1935    qed
1936    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a} by (rule "&I")
1937    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x}) by (rule "∃I")
1938  next
1939    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1940    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1941    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b)) using b "∀E" by blast
1942    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1943    AOT_hence b = ιx φ{x} using h "≡E" by blast
1944    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1945  qed
1946qed
1947end
1948
1949AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
1950proof (rule "≡I"; rule "→I")
1951  AOT_assume ιx φ{x}
1952  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1953  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1954  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1955    using descriptions[axiom_inst] by blast
1956  ultimately AOT_have z(𝒜φ{z}  z = a)
1957    using "≡E" by blast
1958  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
1959  AOT_thus ∃!x 𝒜φ{x}
1960    using "uniqueness:2"[THEN "≡E"(2)] by fast
1961next
1962  AOT_assume ∃!x 𝒜φ{x}
1963  AOT_hence xz(𝒜φ{z}  z = x)
1964    using "uniqueness:2"[THEN "≡E"(1)] by fast
1965  then AOT_obtain a where z(𝒜φ{z}  z = a) using "instantiation"[rotated] by blast
1966  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1967    using descriptions[axiom_inst] by blast
1968  ultimately AOT_have a = ιx φ{x} using "≡E" by blast
1969  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1970qed
1971
1972AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
1973  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme" "reductio-aa:2" "vdash-properties:9" by blast
1974
1975AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
1976  using "actual-desc:2". (* TODO: same as above *)
1977
1978AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
1979proof(rule "→I")
1980  AOT_assume ιx φ{x}
1981  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1982  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1983  AOT_thus 𝒜φ{ιx φ{x}}
1984    using "actual-desc:2" "rule=E" "→E" by fast
1985qed
1986
1987(* TODO: take another look at proof in PLM *)
1988AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
1989proof(rule "→I")
1990  AOT_assume 0: ιx φ{x} = ιx ψ{x}
1991  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
1992    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
1993  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x}) by (metis "rule=I:1" "existential:1")+
1994  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
1995    using "instantiation"[rotated] by metis
1996
1997  AOT_have αβ (α = β  β = α) by (rule "∀I"; rule "∀I"; rule "id-eq:2")
1998  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
1999    using "∀E" φ_down by blast
2000  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2001    using "∀E" ψ_down by blast
2002  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2003    "→E" by blast
2004
2005  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2006  proof(rule "≡I"; rule "→I")
2007    AOT_assume 𝒜φ{x}
2008    moreover AOT_have 𝒜φ{x}  x = a for x
2009      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)] "∀E" by blast
2010    ultimately AOT_have x = a using "→E" by blast
2011    AOT_hence x = ιx φ{x} using a_eq "rule=E" by blast
2012    AOT_hence x = ιx ψ{x} using 0 "rule=E" by blast
2013    AOT_thus 𝒜ψ{x} by (metis "actual-desc:3" "vdash-properties:6")
2014  next
2015    AOT_assume 𝒜ψ{x}
2016    moreover AOT_have 𝒜ψ{x}  x = b for x
2017      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)] "∀E" by blast
2018    ultimately AOT_have x = b using "→E" by blast
2019    AOT_hence x = ιx ψ{x} using b_eq "rule=E" by blast
2020    AOT_hence x = ιx φ{x} using 1 "rule=E" by blast
2021    AOT_thus 𝒜φ{x} by (metis "actual-desc:3" "vdash-properties:6")
2022  qed
2023  AOT_hence 𝒜(φ{x}  ψ{x}) for x by (metis "Act-Basic:5" "≡E"(2))
2024  AOT_hence x 𝒜(φ{x}  ψ{x}) by (rule "∀I")
2025  AOT_thus 𝒜x (φ{x}  ψ{x})
2026    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2027qed    
2028
2029AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2030proof(rule "→I")
2031  AOT_assume ∃!x φ{x}
2032  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2033    using "uniqueness:1"[THEN "≡dfE"] by blast
2034  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
2035  AOT_show y (y = ιx φ{x}  φ{y})
2036  proof(rule GEN; rule "→I")
2037    fix y
2038    AOT_assume y = ιx φ{x}
2039    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y) using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2040    AOT_hence 𝒜φ{b}  b = y using "&E" "∀E" by blast
2041    moreover AOT_have 𝒜φ{b} using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2042    ultimately AOT_have b = y using "→E" by blast
2043    moreover AOT_have φ{b} using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2044    ultimately AOT_show φ{y} using "rule=E" by blast
2045  qed
2046qed
2047
2048AOT_theorem "!box-desc:2": x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2049proof(rule "→I"; rule "→I")
2050  AOT_assume x (φ{x}  φ{x})
2051  moreover AOT_assume ∃!x φ{x}
2052  ultimately AOT_have ∃!x φ{x}
2053    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2054  AOT_thus y (y = ιx φ{x}  φ{y})
2055    using "!box-desc:1" "→E" by blast
2056qed
2057
2058AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ} (* TODO: vacuous *)
2059  by (simp add: "rule=I:1" "→I")
2060
2061AOT_theorem "RM:1[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2062proof -
2063  AOT_have Γ  (φ  ψ) using "RN[prem]" assms by blast
2064  AOT_thus Γ  φ  ψ by (metis "qml:1"[axiom_inst] "→E")
2065qed
2066
2067AOT_theorem "RM:1": assumes  φ  ψ shows  φ  ψ
2068  using "RM:1[prem]" assms by blast
2069
2070lemmas RM = "RM:1"
2071
2072AOT_theorem "RM:2[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2073proof -
2074  AOT_have Γ  ¬ψ  ¬φ using assms 
2075    by (simp add: "contraposition:1[1]")
2076  AOT_hence Γ  ¬ψ  ¬φ using "RM:1[prem]" by blast
2077  AOT_thus Γ  φ  ψ
2078    by (meson "≡dfE" "≡dfI" "conventions:5" "deduction-theorem" "modus-tollens:1")
2079qed
2080
2081AOT_theorem "RM:2": assumes  φ  ψ shows  φ  ψ
2082  using "RM:2[prem]" assms by blast
2083
2084lemmas "RM◇" = "RM:2"
2085
2086AOT_theorem "RM:3[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2087proof -
2088  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2089  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:1[prem]" by metis+
2090  AOT_thus Γ  φ  ψ
2091    by (simp add: "≡I")
2092qed
2093
2094AOT_theorem "RM:3": assumes  φ  ψ shows  φ  ψ
2095  using "RM:3[prem]" assms by blast
2096
2097lemmas RE = "RM:3"
2098
2099AOT_theorem "RM:4[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2100proof -
2101  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2102  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:2[prem]" by metis+
2103  AOT_thus Γ  φ  ψ by (simp add: "≡I")
2104qed
2105
2106AOT_theorem "RM:4": assumes  φ  ψ shows  φ  ψ
2107  using "RM:4[prem]" assms by blast
2108
2109lemmas "RE◇" = "RM:4"
2110
2111AOT_theorem "KBasic:1": φ  (ψ  φ)
2112  by (simp add: RM "pl:1"[axiom_inst])
2113
2114AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2115  by (simp add: RM "useful-tautologies:3")
2116
2117AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2118proof (rule "≡I"; rule "→I")
2119  AOT_assume (φ & ψ)
2120  AOT_thus φ & ψ
2121    by (meson RM "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2122next
2123  AOT_have φ  (ψ  (φ & ψ)) by (simp add: "RM:1" Adjunction)
2124  AOT_hence φ  (ψ  (φ & ψ))  by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2125  moreover AOT_assume φ & ψ
2126  ultimately AOT_show (φ & ψ)
2127    using "→E" "&E" by blast
2128qed
2129
2130AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2131proof -
2132  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2133    by (fact "KBasic:3")
2134  AOT_modally_strict {
2135    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2136      by (fact "conventions:3"[THEN "≡Df"])
2137  }
2138  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2139    by (rule RE)
2140  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2141    using "≡E"(5) by blast
2142qed
2143
2144AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2145proof -
2146  AOT_have (φ  ψ)  (φ  ψ)
2147    by (fact "qml:1"[axiom_inst])
2148  moreover AOT_have (ψ  φ)  (ψ  φ)
2149    by (fact "qml:1"[axiom_inst])
2150  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2151    by (metis "&I" MP "Double Composition")
2152  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2153    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2154  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2155    by (metis "Hypothetical Syllogism")
2156qed
2157
2158AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2159  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "vdash-properties:10" by blast
2160AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2161proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2162  AOT_assume φ & ψ
2163  AOT_hence φ and ψ using "&E" by blast+
2164  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2165  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2166  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2167next
2168  AOT_assume ¬φ & ¬ψ
2169  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2170  AOT_modally_strict {
2171    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2172      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2173  }
2174  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2175    by (rule RM)
2176  AOT_thus (φ  ψ) using 0 "→E" by blast
2177qed(auto)
2178
2179AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2180  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2181AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2182  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2183AOT_theorem "KBasic:10": φ  ¬¬φ
2184  by (simp add: "RM:3" "oth-class-taut:3:b")
2185AOT_theorem "KBasic:11": ¬φ  ¬φ
2186proof (rule "≡I"; rule "→I")
2187  AOT_show ¬φ if ¬φ
2188    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2189next
2190  AOT_show ¬φ if ¬φ
2191    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2192qed
2193AOT_theorem "KBasic:12": φ  ¬¬φ
2194proof (rule "≡I"; rule "→I")
2195  AOT_show ¬¬φ if φ
2196    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2197next
2198  AOT_show φ if ¬¬φ
2199  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2200qed
2201AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2202proof -
2203  AOT_have φ  ψ  φ  ψ by blast
2204  AOT_hence (φ  ψ)  φ  ψ
2205    using "RM:2[prem]" by blast
2206  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2207qed
2208lemmas "K◇" = "KBasic:13"
2209AOT_theorem "KBasic:14": φ  ¬¬φ
2210  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2211AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2212proof -
2213  AOT_modally_strict {
2214    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2215      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2216  }
2217  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2218    using RM by blast+
2219  AOT_thus (φ  ψ)  (φ  ψ)
2220    by (metis "∨E"(1) "deduction-theorem")
2221qed
2222
2223AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2224  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism" Importation "vdash-properties:6")
2225
2226AOT_theorem "rule-sub-lem:1:a":
2227  assumes  (ψ  χ)
2228  shows  ¬ψ  ¬χ
2229  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2230        "≡E"(1) "oth-class-taut:4:b" by blast
2231
2232AOT_theorem "rule-sub-lem:1:b":
2233  assumes  (ψ  χ)
2234  shows  (ψ  Θ)  (χ  Θ)
2235  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2236  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2237
2238AOT_theorem "rule-sub-lem:1:c":
2239  assumes  (ψ  χ)
2240  shows  (Θ  ψ)  (Θ  χ)
2241  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2242  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2243
2244AOT_theorem "rule-sub-lem:1:d":
2245  assumes for arbitrary α:  (ψ{α}  χ{α})
2246  shows  α ψ{α}  α χ{α}
2247proof -
2248  AOT_modally_strict {
2249    AOT_have α (ψ{α}  χ{α})
2250      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2251    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2252    AOT_show α ψ{α}  α χ{α}
2253    proof (rule "≡I"; rule "→I")
2254      AOT_assume α ψ{α}
2255      AOT_hence ψ{α} for α using "∀E" by blast
2256      AOT_hence χ{α} for α using 0 "≡E" by blast
2257      AOT_thus α χ{α} by (rule "∀I")
2258    next
2259      AOT_assume α χ{α}
2260      AOT_hence χ{α} for α using "∀E" by blast
2261      AOT_hence ψ{α} for α using 0 "≡E" by blast
2262      AOT_thus α ψ{α} by (rule "∀I")
2263    qed
2264  }
2265qed
2266
2267AOT_theorem "rule-sub-lem:1:e":
2268  assumes  (ψ  χ)
2269  shows   ψ]   χ]
2270  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2271  using "≡E"(1) "propositions-lemma:6" by blast
2272
2273AOT_theorem "rule-sub-lem:1:f":
2274  assumes  (ψ  χ)
2275  shows  𝒜ψ  𝒜χ
2276  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2277  by (metis "Act-Basic:5" "≡E"(1))
2278
2279AOT_theorem "rule-sub-lem:1:g":
2280  assumes  (ψ  χ)
2281  shows  ψ  χ
2282  using "KBasic:6" assms "vdash-properties:6" by blast
2283
2284text‹Note that instead of deriving @{text "rule-sub-lem:2"}, @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2285     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2286
2287class AOT_subst =
2288  fixes AOT_subst :: "('a  𝗈)  bool"
2289    and AOT_subst_cond :: "'a  'a  bool"
2290  assumes AOT_subst: "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2291
2292named_theorems AOT_substI
2293
2294instantiation 𝗈 :: AOT_subst
2295begin
2296
2297inductive AOT_subst_𝗈 where
2298  AOT_subst_𝗈_id[AOT_substI]: "AOT_subst_𝗈 (λφ. φ)"
2299| AOT_subst_𝗈_const[AOT_substI]: "AOT_subst_𝗈 (λφ. ψ)"
2300| AOT_subst_𝗈_not[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)"
2301| AOT_subst_𝗈_imp[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)"
2302| AOT_subst_𝗈_lambda0[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))"
2303| AOT_subst_𝗈_act[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)"
2304| AOT_subst_𝗈_box[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)"
2305| AOT_subst_𝗈_by_def[AOT_substI]: "( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ))  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ"
2306
2307definition AOT_subst_cond_𝗈 where "AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]"
2308
2309instance
2310proof
2311  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2312  assume cond: ‹AOT_subst_cond ψ χ
2313  assume ‹AOT_subst φ
2314  moreover AOT_have  ψ  χ using cond unfolding AOT_subst_cond_𝗈_def by blast
2315  ultimately AOT_show  φ{ψ}  φ{χ}
2316  proof (induct arbitrary: ψ χ)
2317    case AOT_subst_𝗈_id
2318    thus ?case using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2319  next
2320    case (AOT_subst_𝗈_const ψ)
2321    thus ?case by (simp add: "oth-class-taut:3:a")
2322  next
2323    case (AOT_subst_𝗈_not Θ)
2324    thus ?case by (simp add: RN "rule-sub-lem:1:a")
2325  next
2326    case (AOT_subst_𝗈_imp Θ Ξ)
2327    thus ?case by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2328  next
2329    case (AOT_subst_𝗈_lambda0 Θ)
2330    thus ?case by (simp add: RN "rule-sub-lem:1:e")
2331  next
2332    case (AOT_subst_𝗈_act Θ)
2333    thus ?case by (simp add: RN "rule-sub-lem:1:f")
2334  next
2335    case (AOT_subst_𝗈_box Θ)
2336    thus ?case by (simp add: RN "rule-sub-lem:1:g")
2337  next
2338    case (AOT_subst_𝗈_by_def Θ Ξ)
2339    AOT_modally_strict {
2340      AOT_have Ξ{ψ}  Ξ{χ} using AOT_subst_𝗈_by_def by simp
2341      AOT_thus Θ{ψ}  Θ{χ}
2342        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ] "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2343        by (metis "≡E"(6) "oth-class-taut:3:a")
2344    }
2345  qed
2346qed
2347end
2348
2349instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2350begin
2351
2352definition AOT_subst_cond_fun :: "('a  'b)  ('a  'b)  bool" where
2353  "AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α)) (ψ (AOT_term_of_var α))"
2354
2355inductive AOT_subst_fun :: "(('a  'b)  𝗈)  bool" where
2356  AOT_subst_fun_const[AOT_substI]: "AOT_subst_fun (λφ. ψ)"
2357| AOT_subst_fun_id[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var x)))"
2358| AOT_subst_fun_all[AOT_substI]: "AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α)))  AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)"
2359| AOT_subst_fun_not[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)"
2360| AOT_subst_fun_imp[AOT_substI]: "AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)"
2361| AOT_subst_fun_lambda0[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))"
2362| AOT_subst_fun_act[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)"
2363| AOT_subst_fun_box[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)"
2364| AOT_subst_fun_def[AOT_substI]: "( φ . AOT_model_equiv_def (Θ φ) (Ψ φ))  AOT_subst_fun Ψ  AOT_subst_fun Θ"
2365
2366instance proof
2367  fix ψ χ :: "'a  'b" and φ :: ('a  'b)  𝗈›
2368  assume ‹AOT_subst φ
2369  moreover assume cond: ‹AOT_subst_cond ψ χ
2370  ultimately AOT_show  «φ ψ»  «φ χ»
2371  proof(induct)
2372    case (AOT_subst_fun_const ψ)
2373    then show ?case by (simp add: "oth-class-taut:3:a")
2374  next
2375  case (AOT_subst_fun_id Ψ x)
2376  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2377  next
2378  case (AOT_subst_fun_all Ψ Θ)
2379  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2380    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2381  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2382    by (simp add: RN "rule-sub-lem:1:d" AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2383  next
2384  case (AOT_subst_fun_not Ψ)
2385  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2386  next
2387  case (AOT_subst_fun_imp Ψ Θ)
2388  then show ?case 
2389    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2390    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "vdash-properties:6")
2391  next
2392  case (AOT_subst_fun_lambda0 Θ)
2393  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2394  next
2395  case (AOT_subst_fun_act Θ)
2396  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2397  next
2398  case (AOT_subst_fun_box Θ)
2399  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2400  next
2401  case (AOT_subst_fun_def Θ Ψ)
2402  then show ?case
2403    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2404  qed
2405qed
2406end
2407
2408method_setup AOT_defI =
2409‹Scan.lift (Scan.succeed (fn ctxt => (Method.CONTEXT_METHOD (fn thms => (Context_Tactic.CONTEXT_SUBGOAL (fn (trm,int) => 
2410Context_Tactic.CONTEXT_TACTIC (
2411let
2412fun findHeadConst (Const x) = SOME x
2413  | findHeadConst (A $ B) = findHeadConst A
2414  | findHeadConst _ = NONE
2415fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ rhs) = findHeadConst lhs
2416  | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2417  | findDef (Abs (a,b,c)) = findDef c
2418  | findDef _ = NONE
2419val const_opt = (findDef trm)
2420val defs = case const_opt of SOME const => List.filter (fn thm => let
2421    val concl = Thm.concl_of thm
2422    val thmconst = (findDef concl)
2423    in case thmconst of SOME (c,_) => fst const = c | _ => false end) (AOT_Definitions.get ctxt)
2424    | _ => []
2425in
2426resolve_tac ctxt defs 1
2427end
2428)) 1)))))
2429‹Resolve AOT definitions›
2430
2431method AOT_subst_intro_helper = ((rule AOT_substI
2432      | AOT_defI
2433      | (simp only: AOT_subst_cond_𝗈_def AOT_subst_cond_fun_def; ((rule allI)+)?)))
2434
2435method AOT_subst for ψ::"'a::AOT_subst" and χ::"'a::AOT_subst" =
2436    (match conclusion in "[v  «φ ψ»]" for φ and v 
2437      match (φ) in "λa . ?p" fail¦ "λa . a" fail2438       ¦ _ rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(2)]
2439       ; (AOT_subst_intro_helper+)?››)
2440
2441method AOT_subst_rev for χ::"'a::AOT_subst" and ψ::"'a::AOT_subst" =
2442    (match conclusion in "[v  «φ ψ»]" for φ and v 
2443      match (φ) in "λa . ?p" fail¦ "λa . a" fail2444       ¦ _ rule AOT_subst[where φ=φ and ψ=χ and χ=ψ, THEN "≡E"(1)]
2445       ; (AOT_subst_intro_helper+)?››)
2446
2447method AOT_subst_manual for φ::"'a::AOT_subst  𝗈" =
2448    (rule AOT_subst[where φ=φ, THEN "≡E"(2)]; (AOT_subst_intro_helper+)?)
2449
2450method AOT_subst_manual_rev for φ::"'a::AOT_subst  𝗈" =
2451    (rule AOT_subst[where φ=φ, THEN "≡E"(1)]; (AOT_subst_intro_helper+)?)
2452
2453method AOT_subst_using uses subst =
2454    (match subst in "[?w  ψ  χ]" for ψ χ  2455       match conclusion in "[v  «φ ψ»]" for φ v 2456         rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(2)]
2457         ; ((AOT_subst_intro_helper | (fact subst; fail))+)?››)
2458
2459method AOT_subst_using_rev uses subst =
2460    (match subst in "[?w  ψ  χ]" for ψ χ  2461      match conclusion in "[v  «φ χ»]" for φ v 2462        rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(1)]
2463        ; ((AOT_subst_intro_helper | (fact subst; fail))+)?››)
2464
2465AOT_theorem "rule-sub-remark:1[1]": assumes  A!x  ¬E!x and ¬A!x shows ¬¬E!x
2466  by (AOT_subst_rev "«A!x»" "«¬E!x»") (auto simp: assms)
2467
2468AOT_theorem "rule-sub-remark:1[2]": assumes  A!x  ¬E!x and  ¬¬E!x shows ¬A!x
2469  by (AOT_subst "«A!x»" "«¬E!x»") (auto simp: assms)
2470
2471AOT_theorem "rule-sub-remark:2[1]":
2472  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy shows p  [R]xy & ([Q]a  ¬[Q]a)
2473  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2474
2475AOT_theorem "rule-sub-remark:2[2]":
2476  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy & ([Q]a  ¬[Q]a) shows p  [R]xy
2477  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2478
2479AOT_theorem "rule-sub-remark:3[1]":
2480  assumes for arbitrary x:  A!x  ¬E!x
2481      and x A!x
2482    shows x ¬E!x
2483  by (AOT_subst_rev "λκ. «A!κ»" "λκ. «¬E!κ»") (auto simp: assms)
2484
2485AOT_theorem "rule-sub-remark:3[2]":
2486  assumes for arbitrary x:  A!x  ¬E!x
2487      and x ¬E!x
2488    shows x A!x
2489  by (AOT_subst "λκ. «A!κ»" "λκ. «¬E!κ»") (auto simp: assms)
2490
2491AOT_theorem "rule-sub-remark:4[1]":
2492  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x shows 𝒜[P]x
2493  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2494
2495AOT_theorem "rule-sub-remark:4[2]":
2496  assumes  ¬¬[P]x  [P]x and 𝒜[P]x shows 𝒜¬¬[P]x
2497  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2498
2499AOT_theorem "rule-sub-remark:5[1]":
2500  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ) shows (¬ψ  ¬φ)
2501  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2502
2503AOT_theorem "rule-sub-remark:5[2]":
2504  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ) shows (φ  ψ) 
2505  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2506
2507AOT_theorem "rule-sub-remark:6[1]":
2508  assumes  ψ  χ and (φ  ψ) shows (φ  χ) 
2509  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2510
2511AOT_theorem "rule-sub-remark:6[2]":
2512  assumes  ψ  χ and (φ  χ) shows (φ  ψ)
2513  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2514
2515AOT_theorem "rule-sub-remark:7[1]":
2516  assumes  φ  ¬¬φ and (φ  φ) shows (¬¬φ  φ) 
2517  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2518
2519AOT_theorem "rule-sub-remark:7[2]":
2520  assumes  φ  ¬¬φ and (¬¬φ  φ) shows  (φ  φ)
2521  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2522
2523AOT_theorem "KBasic2:1": ¬φ  ¬φ
2524  by (meson "conventions:5" "contraposition:2" "Hypothetical Syllogism" "df-rules-formulas[3]"
2525            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
2526
2527AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
2528proof -
2529  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
2530    by (simp add: "RE◇" "oth-class-taut:5:b")
2531  also AOT_have   ¬(¬φ & ¬ψ)
2532    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2533  also AOT_have   ¬(¬φ & ¬ψ)
2534    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
2535  also AOT_have   ¬(¬φ & ¬ψ)
2536    apply (AOT_subst_rev "«¬φ»" "«¬φ»")
2537    apply (simp add: "KBasic2:1")
2538    apply (AOT_subst_rev "«¬ψ»" "«¬ψ»")
2539    by (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2540  also AOT_have   ¬¬(φ  ψ)
2541    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
2542  also AOT_have   φ  ψ
2543    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
2544  finally show ?thesis .
2545qed
2546
2547AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
2548  by (metis "RM◇" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "deduction-theorem" "modus-tollens:1" "reductio-aa:1")
2549
2550AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
2551proof -
2552  AOT_have (φ  ψ)  (¬φ  ψ)
2553    by (AOT_subst "«φ  ψ»" "«¬φ  ψ»")
2554       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
2555  also AOT_have ...  ¬φ  ψ
2556    by (simp add: "KBasic2:2")
2557  also AOT_have ...  ¬φ  ψ
2558    by (AOT_subst "«¬φ»" "«¬φ»")
2559       (auto simp: "KBasic:11" "oth-class-taut:3:a")
2560  also AOT_have ...  φ  ψ
2561    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
2562  finally show ?thesis .
2563qed
2564
2565AOT_theorem "KBasic2:5": φ  ¬¬φ
2566  apply (AOT_subst "«φ»" "«¬¬φ»")
2567   apply (simp add: "conventions:5" "≡Df")
2568  apply (AOT_subst "«¬¬φ»" "«¬¬¬¬φ»")
2569   apply (simp add: "conventions:5" "≡Df")
2570  apply (AOT_subst_rev "«¬φ»"  "«¬¬¬φ»")
2571   apply (simp add: "oth-class-taut:3:b")
2572  by (simp add: "oth-class-taut:3:a")
2573
2574
2575AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
2576proof(rule "→I"; rule "raa-cor:1")
2577  AOT_assume (φ  ψ)
2578  AOT_hence (¬φ  ψ)
2579    apply - apply (AOT_subst_rev "«φ  ψ»" "«¬φ  ψ»")
2580    by (simp add: "conventions:2" "≡Df")
2581  AOT_hence 1: ¬φ  ψ using "KBasic:13" "vdash-properties:10" by blast
2582  AOT_assume ¬(φ  ψ)
2583  AOT_hence ¬φ and ¬ψ using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
2584  AOT_thus ψ & ¬ψ using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
2585qed
2586
2587AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
2588proof(rule "→I"; frule "&E"(1); drule "&E"(2))
2589  AOT_assume (φ  ψ)
2590  AOT_hence 1: φ  ψ
2591    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
2592  AOT_assume ¬φ
2593  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
2594  AOT_thus ψ using 1 "∨E"(2) by blast
2595qed
2596
2597AOT_theorem "T-S5-fund:1": φ  φ
2598  by (meson "≡dfI" "conventions:5" "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" "qml:2"[axiom_inst])
2599lemmas "T◇" = "T-S5-fund:1"
2600
2601AOT_theorem "T-S5-fund:2": φ  φ
2602proof(rule "→I")
2603  AOT_assume φ
2604  AOT_hence ¬¬φ
2605    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
2606  moreover AOT_have ¬φ  ¬φ
2607    by (fact "qml:3"[axiom_inst])
2608  ultimately AOT_have ¬¬φ
2609    using "modus-tollens:1" by blast
2610  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
2611qed
2612lemmas "5◇" = "T-S5-fund:2"
2613
2614(* Also interestingly none of these have proofs in PLM. *)
2615AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
2616  by (AOT_subst "«𝒜¬φ»" "«¬𝒜φ»")
2617     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
2618
2619AOT_theorem "Act-Sub:2": φ  𝒜φ
2620  apply (AOT_subst "«φ»" "«¬¬φ»")
2621   apply (simp add: "conventions:5" "≡Df")
2622  by (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
2623            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
2624
2625AOT_theorem "Act-Sub:3": 𝒜φ  φ
2626  apply (AOT_subst "«φ»" "«¬¬φ»")
2627   apply (simp add: "conventions:5" "≡Df")
2628  by (metis "Act-Sub:1" "deduction-theorem" "≡E"(4) "nec-imp-act" "reductio-aa:2" "vdash-properties:6")
2629
2630
2631AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
2632proof (rule "≡I"; rule "→I")
2633  AOT_assume 𝒜φ
2634  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
2635next
2636  AOT_assume 𝒜φ
2637  AOT_hence ¬¬𝒜φ
2638    using "≡dfE" "conventions:5" by blast
2639  AOT_hence ¬𝒜¬φ
2640    apply - apply (AOT_subst "«𝒜¬φ»" "«¬𝒜φ»")
2641    by (simp add: "logic-actual-nec:1"[axiom_inst])
2642  AOT_thus 𝒜φ
2643      using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4) "reductio-aa:1" by blast
2644qed
2645
2646AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
2647  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "deduction-theorem" "≡E"(1) "≡E"(2) "vdash-properties:6")
2648
2649AOT_theorem "S5Basic:1": φ  φ
2650  by (simp add: "≡I" "qml:2" "qml:3" "vdash-properties:1[2]")
2651
2652AOT_theorem "S5Basic:2": φ  φ
2653  by (simp add: "T◇" "5◇" "≡I")
2654
2655AOT_theorem "S5Basic:3": φ  φ
2656  using "T◇" "Hypothetical Syllogism" "qml:3" "vdash-properties:1[2]" by blast
2657lemmas "B" = "S5Basic:3"
2658
2659AOT_theorem "S5Basic:4": φ  φ
2660  using "5◇" "Hypothetical Syllogism" "qml:2" "vdash-properties:1[2]" by blast
2661lemmas "B◇" = "S5Basic:4"
2662
2663AOT_theorem "S5Basic:5": φ  φ
2664  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
2665lemmas "4" = "S5Basic:5"
2666
2667AOT_theorem "S5Basic:6": φ  φ
2668  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
2669
2670AOT_theorem "S5Basic:7": φ  φ
2671  apply (AOT_subst "«φ»" "«¬¬φ»")
2672   apply (simp add: "conventions:5" "≡Df")
2673  apply (AOT_subst "«φ»" "«¬¬φ»")
2674   apply (simp add: "conventions:5" "≡Df")
2675  apply (AOT_subst_rev "«¬φ»" "«¬¬¬φ»")
2676   apply (simp add: "oth-class-taut:3:b")
2677  apply (AOT_subst_rev "«¬φ»" "«¬φ»")
2678   apply (simp add: "S5Basic:6")
2679  by (simp add: "if-p-then-p")
2680
2681lemmas "4◇" = "S5Basic:7"
2682
2683AOT_theorem "S5Basic:8": φ  φ
2684  by (simp add: "4◇" "T◇" "≡I")
2685
2686AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
2687  apply (rule "≡I"; rule "→I")
2688  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10" apply blast
2689  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "con-dis-taut:7"
2690            "intro-elim:1" "Commutativity of ∨")
2691
2692AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
2693(* Note: nicely this proof is entirely sledgehammer generated *)
2694proof(rule "≡I"; rule "→I")
2695  AOT_assume (φ  ψ)
2696  AOT_hence φ  ψ
2697    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
2698  AOT_thus φ  ψ
2699    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
2700next
2701  AOT_assume φ  ψ
2702  AOT_hence φ  ψ
2703    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
2704  AOT_thus (φ  ψ)
2705    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
2706qed
2707
2708AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
2709proof -
2710  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
2711    by (AOT_subst "«φ & ψ»" "«¬(¬φ  ¬ψ)»")
2712       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
2713  also AOT_have   ¬(¬φ  ¬ψ)
2714    by (AOT_subst "«¬ψ»" "«¬ψ»")
2715       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2716  also AOT_have   ¬(¬φ  ¬ψ)
2717    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2718  also AOT_have   ¬(¬φ  ¬ψ)
2719    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
2720  also AOT_have   ¬(¬φ  ¬ψ)
2721    apply (AOT_subst "«¬φ»" "«¬φ»")
2722     apply (simp add: "KBasic2:1")
2723    apply (AOT_subst "«¬ψ»" "«¬ψ»")
2724    by (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2725  also AOT_have   φ & ψ
2726    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
2727  finally show ?thesis .
2728qed
2729
2730AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
2731proof (rule "≡I"; rule "→I")
2732  AOT_assume (φ & ψ)
2733  AOT_hence φ & ψ
2734    using "KBasic2:3" "vdash-properties:6" by blast
2735  AOT_thus φ & ψ
2736    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
2737next
2738  AOT_assume φ & ψ
2739  moreover AOT_have (ψ & φ)  (φ & ψ)
2740    by (AOT_subst "«φ & ψ»" "«ψ & φ»")
2741       (auto simp: "Commutativity of &" "KBasic:16")
2742  ultimately AOT_show (φ & ψ)
2743    by (metis "4" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2744qed
2745
2746
2747AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
2748proof (rule "≡I")
2749  AOT_modally_strict {
2750    AOT_have (φ  ψ)  (φ  ψ)
2751      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "deduction-theorem")
2752  }
2753  AOT_hence (φ  ψ)  (φ  ψ)
2754    by (rule RM)
2755  AOT_thus  (φ  ψ)  (φ  ψ)
2756    using "4" "Hypothetical Syllogism" by blast
2757next
2758  AOT_modally_strict {
2759    AOT_have (φ  ψ)  (φ  ψ)
2760      by (meson "B" "Hypothetical Syllogism" "deduction-theorem" "qml:1" "vdash-properties:1[2]")
2761  }
2762  AOT_hence  (φ  ψ)  (φ  ψ)
2763    by (rule RM)
2764  AOT_thus (φ  ψ)  (φ  ψ)
2765    using "4" "Hypothetical Syllogism" by blast
2766qed
2767
2768AOT_theorem "derived-S5-rules:1":
2769  assumes Γ  φ  ψ shows Γ  φ  ψ
2770proof -
2771  AOT_have Γ  φ  ψ
2772    using assms by (rule "RM:1[prem]")
2773  AOT_thus Γ  φ  ψ
2774    using "B" "Hypothetical Syllogism" by blast
2775qed
2776
2777AOT_theorem "derived-S5-rules:2":
2778  assumes Γ  φ  ψ shows Γ  φ  ψ
2779proof -
2780  AOT_have Γ  φ  ψ
2781    using assms by (rule "RM:2[prem]")
2782  AOT_thus Γ  φ  ψ
2783    using "B◇" "Hypothetical Syllogism" by blast
2784qed
2785
2786AOT_theorem "BFs:1": α φ{α}  α φ{α}
2787proof -
2788  AOT_modally_strict {
2789    AOT_modally_strict {
2790      AOT_have α φ{α}  φ{α} for α by (fact AOT)
2791    }
2792    AOT_hence α φ{α}  φ{α} for α by (rule "RM◇")
2793    AOT_hence α φ{α}  α φ{α}
2794      using "B◇" "∀I" "→E" "→I" by metis
2795  }
2796  thus ?thesis using "derived-S5-rules:1" by blast
2797qed
2798lemmas "BF" = "BFs:1"
2799
2800AOT_theorem "BFs:2": α φ{α}  α φ{α}
2801proof -
2802  AOT_have α φ{α}  φ{α} for α using RM "cqt-orig:3" by metis
2803  thus ?thesis using  "cqt-orig:2"[THEN "→E"] "∀I" by metis
2804qed
2805lemmas "CBF" = "BFs:2"
2806
2807AOT_theorem "BFs:3": α φ{α}  α φ{α}
2808proof(rule "→I")
2809  AOT_modally_strict {
2810    AOT_have α ¬φ{α}  α ¬φ{α}
2811      using BF CBF "≡I" by blast
2812  } note θ = this
2813
2814  AOT_assume α φ{α}
2815  AOT_hence ¬¬(α φ{α})
2816    using "≡dfE" "conventions:5" by blast
2817  AOT_hence ¬α ¬φ{α}
2818    apply - apply (AOT_subst "«α ¬φ{α}»" "«¬(α φ{α})»")
2819    using "≡dfI" "conventions:3" "conventions:4" "&I" "contraposition:2" "cqt-further:4"
2820          "df-rules-formulas[1]" "vdash-properties:1[2]" by blast
2821  AOT_hence ¬α ¬φ{α}
2822    apply - apply (AOT_subst_using_rev subst: θ)
2823    using θ by blast
2824  AOT_hence ¬α ¬¬¬φ{α}
2825    apply - apply (AOT_subst_rev "λ τ. «¬φ{τ}»"  "λ τ. «¬¬¬φ{τ}»")
2826    by (simp add: "oth-class-taut:3:b")
2827  AOT_hence 0: α ¬¬φ{α}
2828    by (rule "conventions:4"[THEN "≡dfI"])
2829  AOT_show α φ{α}
2830    apply (AOT_subst "λ τ . «φ{τ}»" "λ τ . «¬¬φ{τ}»")
2831     apply (simp add: "conventions:5" "≡Df")
2832    using 0 by blast
2833qed
2834lemmas "BF◇" = "BFs:3"
2835
2836AOT_theorem "BFs:4": α φ{α}  α φ{α}
2837proof(rule "→I")
2838  AOT_assume α φ{α}
2839  AOT_hence ¬α ¬φ{α}
2840    using "conventions:4"[THEN "≡dfE"] by blast
2841  AOT_hence ¬α ¬φ{α}
2842    apply - apply (AOT_subst "λ τ . «¬φ{τ}»" "λ τ . «¬φ{τ}»")
2843    by (simp add: "KBasic2:1")
2844  moreover AOT_have α ¬φ{α}  α ¬φ{α}
2845    using "≡I" "BF" "CBF" by metis
2846  ultimately AOT_have 1: ¬α ¬φ{α}
2847    using "≡E"(3) by blast
2848  AOT_show α φ{α}
2849    apply (rule "conventions:5"[THEN "≡dfI"])
2850    apply (AOT_subst "«α φ{α}»" "«¬α ¬φ{α}»")
2851     apply (simp add: "conventions:4" "≡Df")
2852    apply (AOT_subst "«¬¬α ¬φ{α}»" "«α ¬φ{α}»")
2853    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
2854qed
2855lemmas "CBF◇" = "BFs:4"
2856
2857AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
2858proof(rule "→I")
2859  AOT_assume α φ{α}
2860  then AOT_obtain α where φ{α} using "∃E" by metis
2861  moreover AOT_have α
2862    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
2863  moreover AOT_have φ{τ}, τ  α φ{α} for τ
2864  proof -
2865    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
2866    AOT_thus φ{τ}, τ  α φ{α}
2867      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
2868  qed
2869  ultimately AOT_show α φ{α} by blast
2870qed
2871lemmas Buridan = "sign-S5-thm:1"
2872
2873AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
2874proof -
2875  AOT_have α (α φ{α}  φ{α})
2876    by (simp add: "RM◇" "cqt-orig:3" "∀I")
2877  AOT_thus α φ{α}  α φ{α}
2878    using "∀E"(4) "∀I" "→E" "→I" by metis
2879qed
2880lemmas "Buridan◇" = "sign-S5-thm:2"
2881
2882AOT_theorem "sign-S5-thm:3": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
2883  apply (rule "RM:2")
2884  by (metis (no_types, lifting) "instantiation" "&I" "&E"(1)
2885                                "&E"(2) "deduction-theorem" "existential:2[const_var]")
2886
2887AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
2888  apply (rule "RM:2")
2889  by (meson "instantiation" "&E"(1) "deduction-theorem" "existential:2[const_var]")
2890
2891AOT_theorem "sign-S5-thm:5": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
2892proof -
2893  {
2894    fix φ' ψ' χ'
2895    AOT_assume  φ' & ψ'  χ'
2896    AOT_hence φ' & ψ'  χ'
2897      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2898      using "&E" "&I" "→E" "→I" by metis
2899  } note R = this
2900  show ?thesis by (rule R; fact AOT)
2901qed
2902
2903AOT_theorem "sign-S5-thm:6": (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
2904proof -
2905  {
2906    fix φ' ψ' χ'
2907    AOT_assume  φ' & ψ'  χ'
2908    AOT_hence φ' & ψ'  χ'
2909      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2910      using "&E" "&I" "→E" "→I" by metis
2911  } note R = this
2912  show ?thesis by (rule R; fact AOT)
2913qed
2914
2915AOT_theorem "exist-nec2:1": τ  τ
2916  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
2917
2918AOT_theorem "exists-nec2:2": τ  τ
2919  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec" "exist-nec2:1" "≡I" "nec-imp-act")
2920
2921AOT_theorem "exists-nec2:3": ¬τ  ¬τ
2922  using "KBasic2:1" "deduction-theorem" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
2923
2924AOT_theorem "exists-nec2:4": ¬τ  ¬τ
2925  by (metis "Act-Sub:3" "KBasic:12" "deduction-theorem" "exist-nec" "exists-nec2:3" "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
2926
2927AOT_theorem "id-nec2:1": α = β  α = β
2928  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
2929
2930AOT_theorem "id-nec2:2": α  β  α  β
2931  apply (AOT_subst_using subst: "=-infix"[THEN "≡Df"])
2932  using "KBasic2:1" "deduction-theorem" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
2933
2934AOT_theorem "id-nec2:3": α  β  α  β
2935  apply (AOT_subst_using subst: "=-infix"[THEN "≡Df"])
2936  by (metis "KBasic:11" "deduction-theorem" "id-nec:2" "≡E"(3) "reductio-aa:2" "vdash-properties:6")
2937
2938AOT_theorem "id-nec2:4": α = β  α = β
2939  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
2940
2941AOT_theorem "id-nec2:5": α  β  α  β
2942  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
2943
2944AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
2945  apply (rule "≡I"; rule "→I")
2946  using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:10" apply blast
2947  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2) "raa-cor:5" "vdash-properties:6")
2948
2949AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
2950  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "deduction-theorem" "≡I" "nec-imp-act" "raa-cor:2" "vdash-properties:10")
2951
2952AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
2953proof (rule "→I"; rule "≡I"; rule "→I")
2954  AOT_assume (φ  φ)
2955  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
2956  moreover AOT_assume ¬φ
2957  ultimately AOT_have ¬φ
2958    using "modus-tollens:1" by blast
2959  AOT_thus ¬φ
2960    using "KBasic2:1" "≡E"(2) by blast
2961next
2962  AOT_assume (φ  φ)
2963  moreover AOT_assume ¬φ
2964  ultimately AOT_show ¬φ
2965    using "modus-tollens:1" "qml:2" "vdash-properties:10" "vdash-properties:1[2]" by blast
2966qed
2967
2968AOT_theorem "sc-eq-box-box:4": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2969proof(rule "→I"; rule "→I")
2970  AOT_assume θ: (φ  φ) & (ψ  ψ)
2971  AOT_assume ξ: φ  ψ
2972  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
2973    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
2974  moreover {
2975    AOT_assume φ & ψ
2976    AOT_hence (φ  ψ)
2977      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
2978  }
2979  moreover {
2980    AOT_assume ¬φ & ¬ψ
2981    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
2982      using θ "Conjunction Simplification"(1) "Conjunction Simplification"(2) "sc-eq-box-box:3" "vdash-properties:10" by metis+
2983    ultimately AOT_have ¬φ & ¬ψ
2984      by (metis "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "≡E"(4) "modus-tollens:1" "raa-cor:3")
2985    AOT_hence (φ  ψ)
2986      using "KBasic:3" "KBasic:9" "≡E"(2) "vdash-properties:10" by blast
2987  }
2988  ultimately AOT_show (φ  ψ)
2989    using "∨E"(2) "reductio-aa:1" by blast
2990qed
2991
2992AOT_theorem "sc-eq-box-box:5": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2993proof (rule "→I")
2994  AOT_assume ((φ  φ) & (ψ  ψ))
2995  AOT_hence ((φ  φ) & (ψ  ψ))
2996    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
2997  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2998  proof (rule RM; rule "→I"; rule "→I")
2999    AOT_modally_strict {
3000      AOT_assume A: ((φ  φ) & (ψ  ψ))
3001      AOT_hence φ  φ and ψ  ψ
3002        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3003      moreover AOT_assume φ  ψ
3004      ultimately AOT_have φ  ψ
3005        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3006      moreover AOT_have (φ  ψ)  (φ  ψ)
3007        using A "sc-eq-box-box:4" "→E" by blast
3008      ultimately AOT_show (φ  ψ) using "→E" by blast
3009    }
3010  qed
3011  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3012qed
3013
3014AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3015proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3016  AOT_assume ¬(φ  ψ)
3017  AOT_hence 1: ¬(φ  ψ) by (metis "KBasic:11" "≡E"(1))
3018  AOT_have (φ & ¬ψ)
3019    apply (AOT_subst «φ & ¬ψ» «¬(φ  ψ)»)
3020     apply (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3021    by (fact 1)
3022  AOT_hence φ and 2: ¬ψ using "KBasic2:3"[THEN "→E"] "&E" by blast+
3023  moreover AOT_assume (φ  φ)
3024  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3025  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3026  moreover AOT_assume φ  ψ
3027  ultimately AOT_have ψ using "→E" by blast
3028  moreover AOT_have ¬ψ using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3029  ultimately AOT_show ψ & ¬ψ using "&I" by blast
3030qed
3031
3032AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3033proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3034  AOT_assume ¬𝒜(φ  ψ)
3035  AOT_hence 1: 𝒜¬(φ  ψ) by (metis "Act-Basic:1" "∨E"(2))
3036  AOT_have 𝒜(φ & ¬ψ)
3037    apply (AOT_subst «φ & ¬ψ» «¬(φ  ψ)»)
3038     apply (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3039    by (fact 1)
3040  AOT_hence 𝒜φ and 2: 𝒜¬ψ using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3041  AOT_hence φ by (metis "Act-Sub:3" "→E")
3042  moreover AOT_assume (φ  φ)
3043  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3044  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3045  moreover AOT_assume φ  𝒜ψ
3046  ultimately AOT_have 𝒜ψ using "→E" by blast
3047  moreover AOT_have ¬𝒜ψ using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3048  ultimately AOT_show 𝒜ψ & ¬𝒜ψ using "&I" by blast
3049qed
3050
3051AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3052  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3053
3054AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3055  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism" "deduction-theorem" "≡I" "nec-imp-act")
3056
3057AOT_theorem "sc-eq-fur:3": x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3058proof (rule "→I"; rule "→I")
3059  AOT_assume x (φ{x}  φ{x})
3060  AOT_hence A: x (φ{x}  φ{x}) using CBF "→E" by blast
3061  AOT_assume ∃!x φ{x}
3062  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3063    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3064  moreover AOT_have φ{a} using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3065  AOT_hence 𝒜φ{a} using "nec-imp-act" "vdash-properties:6" by blast
3066  moreover AOT_have y (𝒜φ{y}  y = a)
3067  proof (rule "∀I"; rule "→I")
3068    fix b
3069    AOT_assume 𝒜φ{b}
3070    AOT_hence φ{b}
3071      using "Act-Sub:3" "vdash-properties:6" by blast
3072    moreover {
3073      AOT_have (φ{b}  φ{b})
3074        using A "∀E"(2) by blast
3075      AOT_hence φ{b}  φ{b}
3076        using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:6" by blast
3077    }
3078    ultimately AOT_have φ{b} using "→E" by blast
3079    AOT_hence φ{b} using "qml:2"[axiom_inst] "→E" by blast
3080    AOT_thus b = a
3081      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3082  qed
3083  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3084    using "&I" by blast
3085  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x)) using "∃I" by fast
3086  AOT_hence ∃!x 𝒜φ{x} using "uniqueness:1"[THEN "≡dfI"] by fast
3087  AOT_thus ιx φ{x}
3088    using "actual-desc:1"[THEN "≡E"(2)] by blast
3089qed
3090
3091AOT_theorem "sc-eq-fur:4": x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3092proof (rule "→I")
3093  AOT_assume x (φ{x}  φ{x})
3094  AOT_hence x (φ{x}  φ{x}) using CBF "→E" by blast
3095  AOT_hence A: 𝒜φ{α}  φ{α} for α using "sc-eq-fur:2" "∀E" "→E" by fast
3096  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3097  proof (rule "≡I"; rule "→I")
3098    AOT_assume x = ιx φ{x}
3099    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3100      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3101    AOT_show φ{x} & z (φ{z}  z = x)
3102    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3103      AOT_show φ{x} using A B[THEN "&E"(1)] "≡E"(1) by blast
3104    next
3105      AOT_show z = x if φ{z} for z
3106        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3107    qed
3108  next
3109    AOT_assume B: φ{x} & z (φ{z}  z = x)
3110    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3111    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3112      AOT_show 𝒜φ{x} using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3113    next
3114      AOT_show b = x if 𝒜φ{b} for b
3115        using that A[THEN "≡E"(1)] B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3116    qed
3117    AOT_thus x = ιx φ{x}
3118      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3119  qed
3120qed
3121
3122AOT_theorem "id-act:1": α = β  𝒜α = β
3123  by (meson "Act-Sub:3" "Hypothetical Syllogism" "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3124
3125AOT_theorem "id-act:2": α  β  𝒜α  β
3126proof (AOT_subst "«α  β»" "«¬(α = β)»")
3127  AOT_modally_strict {
3128    AOT_show α  β  ¬(α = β)
3129      by (simp add: "=-infix" "≡Df")
3130  }
3131next
3132  AOT_show ¬(α = β)  𝒜¬(α = β)
3133  proof (safe intro!: "≡I" "→I")
3134    AOT_assume ¬α = β
3135    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3136    AOT_thus 𝒜¬α = β
3137      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3138  next
3139    AOT_assume 𝒜¬α = β
3140    AOT_hence ¬𝒜α = β
3141      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3142    AOT_thus ¬α = β
3143      using "id-act:1" "≡E"(4) by blast
3144  qed
3145qed
3146
3147AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3148proof -
3149  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3150    by (AOT_subst_using subst: "uniqueness:2")
3151       (simp add: "oth-class-taut:3:a")
3152  also AOT_have   α 𝒜β (φ{β}  β = α)
3153    by (simp add: "Act-Basic:10")
3154  also AOT_have   αβ 𝒜(φ{β}  β = α)
3155    by (AOT_subst "λ τ . «𝒜β (φ{β}  β = τ)»" "λ τ . «β 𝒜(φ{β}  β = τ)»")
3156       (auto simp: "logic-actual-nec:3" "vdash-properties:1[2]" "oth-class-taut:3:a")
3157  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3158    by (AOT_subst_rev "λ τ τ' . «𝒜(φ{τ'}  τ' = τ)»" "λ τ τ'. «𝒜φ{τ'}  𝒜τ' = τ»")
3159       (auto simp: "Act-Basic:5" "cqt-further:7")
3160  also AOT_have   αβ (𝒜φ{β}  β = α)
3161    apply (AOT_subst "λ τ τ' :: 'a . «𝒜τ' = τ»" "λ τ τ'. «τ' = τ»")
3162     apply (meson "id-act:1" "≡E"(6) "oth-class-taut:3:a")
3163    by (simp add: "cqt-further:7")
3164  also AOT_have ...  ∃!α 𝒜φ{α}
3165    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3166  finally show ?thesis .
3167qed
3168
3169AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3170  by (AOT_subst_using subst: "A-Exists:1")
3171     (simp add: "actual-desc:1")
3172
3173AOT_theorem "id-act-desc:1": ιx (x = y)
3174proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3175  AOT_show x E!x  E!x]ιx (x = y)
3176  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)]; rule "∃I"; (rule "&I")+)
3177    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3178  next
3179    AOT_show z (𝒜z = y  z = y)
3180      apply (rule "∀I")
3181      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3182  next
3183    AOT_show x E!x  E!x]y
3184    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3185      AOT_show x E!x  E!x]
3186        by "cqt:2[lambda]"
3187    next
3188      AOT_show E!y  E!y 
3189        by (simp add: "if-p-then-p")
3190    qed
3191  qed
3192next
3193  AOT_show x E!x  E!x]
3194    by "cqt:2[lambda]"
3195qed
3196
3197AOT_theorem "id-act-desc:2": y = ιx (x = y)
3198  by (rule descriptions[axiom_inst, THEN "≡E"(2)]; rule "∀I"; rule "id-act:1"[symmetric])
3199
3200AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3201  by (simp add: encoding "vdash-properties:1[2]")
3202
3203AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3204proof (rule "→I")
3205  AOT_assume x1x2[F]
3206  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3207    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3208  moreover AOT_have y [F]yx2] by "cqt:2[lambda]"
3209  moreover AOT_have y [F]x1y] by "cqt:2[lambda]"
3210  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3211    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3212  note A = this
3213  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3214    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3215  AOT_thus x1x2[F]
3216    by (rule "nary-encoding[2]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3217qed
3218
3219AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3220proof (rule "→I")
3221  AOT_assume x1x2x3[F]
3222  AOT_hence x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3223    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3224  moreover AOT_have y [F]yx2x3] by "cqt:2[lambda]"
3225  moreover AOT_have y [F]x1yx3] by "cqt:2[lambda]"
3226  moreover AOT_have y [F]x1x2y] by "cqt:2[lambda]"
3227  ultimately AOT_have x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3228    using encoding[axiom_inst, unvarify F] "→E" by blast+
3229  note A = this
3230  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3231    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3232  AOT_thus x1x2x3[F]
3233    by (rule "nary-encoding[3]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3234qed
3235
3236AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3237proof (rule "→I")
3238  AOT_assume x1x2x3x4[F]
3239  AOT_hence x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and  x4y [F]x1x2x3y]
3240    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3241  moreover AOT_have y [F]yx2x3x4] by "cqt:2[lambda]"
3242  moreover AOT_have y [F]x1yx3x4] by "cqt:2[lambda]"
3243  moreover AOT_have y [F]x1x2yx4] by "cqt:2[lambda]"
3244  moreover AOT_have y [F]x1x2x3y] by "cqt:2[lambda]"
3245  ultimately AOT_have x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and x4y [F]x1x2x3y]
3246    using "→E" encoding[axiom_inst, unvarify F] by blast+
3247  note A = this
3248  AOT_have B: (x1y [F]yx2x3x4] & x2y [F]x1yx3x4] & x3y [F]x1x2yx4] & x4y [F]x1x2x3y])
3249    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3250  AOT_thus x1x2x3x4[F]
3251    by (rule "nary-encoding[4]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3252qed
3253
3254AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3255proof (rule "→I"; rule "raa-cor:1")
3256  AOT_assume ¬¬x1[F]
3257  AOT_hence x1[F]
3258    by (rule "conventions:5"[THEN "≡dfI"])
3259  AOT_hence x1[F]
3260    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3261  moreover AOT_assume ¬x1[F]
3262  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3263qed
3264AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
3265proof (rule "→I"; rule "raa-cor:1")
3266  AOT_assume ¬¬x1x2[F]
3267  AOT_hence x1x2[F]
3268    by (rule "conventions:5"[THEN "≡dfI"])
3269  AOT_hence x1x2[F]
3270    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3271  moreover AOT_assume ¬x1x2[F]
3272  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
3273qed
3274
3275AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3276proof (rule "→I"; rule "raa-cor:1")
3277  AOT_assume ¬¬x1x2x3[F]
3278  AOT_hence x1x2x3[F]
3279    by (rule "conventions:5"[THEN "≡dfI"])
3280  AOT_hence x1x2x3[F]
3281    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3282  moreover AOT_assume ¬x1x2x3[F]
3283  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
3284qed
3285
3286AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3287proof (rule "→I"; rule "raa-cor:1")
3288  AOT_assume ¬¬x1x2x3x4[F]
3289  AOT_hence x1x2x3x4[F]
3290    by (rule "conventions:5"[THEN "≡dfI"])
3291  AOT_hence x1x2x3x4[F]
3292    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3293  moreover AOT_assume ¬x1x2x3x4[F]
3294  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
3295qed
3296
3297AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
3298  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3299AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
3300  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3301AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3302  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3303AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3304  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3305
3306AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
3307  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
3308AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
3309  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
3310AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
3311  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
3312AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
3313  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
3314
3315AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
3316  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[1]"] "≡I" by blast
3317AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
3318  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[2]"] "≡I" by blast
3319AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
3320  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[3]"] "≡I" by blast
3321AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
3322  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[4]"] "≡I" by blast
3323
3324AOT_theorem "en-eq:4[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3325  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3326  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
3327AOT_theorem "en-eq:4[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3328  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3329  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
3330AOT_theorem "en-eq:4[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3331  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3332  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
3333AOT_theorem "en-eq:4[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3334  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3335  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
3336
3337AOT_theorem "en-eq:5[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3338  apply (rule "≡I"; rule "→I")
3339  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3340  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3341        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]] by blast
3342AOT_theorem "en-eq:5[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3343  apply (rule "≡I"; rule "→I")
3344  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3345  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3346        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]] by blast
3347AOT_theorem "en-eq:5[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3348  apply (rule "≡I"; rule "→I")
3349  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3350  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3351        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]] by blast
3352AOT_theorem "en-eq:5[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3353  apply (rule "≡I"; rule "→I")
3354  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3355  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3356        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]] by blast
3357
3358AOT_theorem "en-eq:6[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3359  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
3360AOT_theorem "en-eq:6[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3361  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
3362AOT_theorem "en-eq:6[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3363  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
3364AOT_theorem "en-eq:6[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3365  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
3366
3367AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
3368  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
3369AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
3370  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
3371AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3372  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
3373AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3374  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
3375
3376AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
3377  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3378AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
3379  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3380AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3381  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3382AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3383  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3384
3385AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
3386  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
3387AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
3388  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
3389AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3390  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
3391AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3392  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
3393
3394AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
3395  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
3396AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
3397  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
3398AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
3399  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
3400AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
3401  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
3402
3403AOT_theorem "oa-facts:1": O!x  O!x
3404proof(rule "→I")
3405  AOT_modally_strict {
3406    AOT_have x E!x]x  E!x
3407      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3408  } note θ = this
3409  AOT_assume O!x
3410  AOT_hence x E!x]x
3411    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3412  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
3413  AOT_hence 0: E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
3414  AOT_have x E!x]x
3415    by (AOT_subst_using subst: θ) (simp add: 0)
3416  AOT_thus O!x
3417    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3418qed
3419
3420AOT_theorem "oa-facts:2": A!x  A!x
3421proof(rule "→I")
3422  AOT_modally_strict {
3423    AOT_have x ¬E!x]x  ¬E!x
3424      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3425  } note θ = this
3426  AOT_assume A!x
3427  AOT_hence x ¬E!x]x
3428    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3429  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
3430  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
3431  AOT_hence 0: ¬E!x using "4"[THEN "→E"] by blast
3432  AOT_have 1: ¬E!x
3433    apply (AOT_subst "«¬E!x»" "«¬E!x»")
3434    using "KBasic2:1"[symmetric] apply blast
3435    using 0 by blast
3436  AOT_have x ¬E!x]x
3437    by (AOT_subst_using subst: θ) (simp add: 1)
3438  AOT_thus A!x
3439    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3440qed
3441
3442AOT_theorem "oa-facts:3": O!x  O!x
3443  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3444AOT_theorem "oa-facts:4": A!x  A!x
3445  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3446
3447AOT_theorem "oa-facts:5": O!x  O!x
3448  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3449
3450AOT_theorem "oa-facts:6": A!x  A!x
3451  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3452
3453AOT_theorem "oa-facts:7": O!x  𝒜O!x
3454  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3455
3456AOT_theorem "oa-facts:8": A!x  𝒜A!x
3457  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3458
3459AOT_theorem "beta-C-meta": μ1...μn φ{μ1...μn, ν1...νn}]  (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3460  using "lambda-predicates:2"[axiom_inst] by blast
3461
3462AOT_theorem "beta-C-cor:1": (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}]))  ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3463  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
3464  using "beta-C-meta" "∀I" by fast
3465
3466AOT_theorem "beta-C-cor:2": μ1...μn φ{μ1...μn}]  ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
3467  apply (rule "→I"; rule "∀I")
3468  using "beta-C-meta"[THEN "→E"] by fast
3469
3470(* TODO: syntax + double-check if this is really a faithful representation *)
3471theorem "beta-C-cor:3": assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
3472  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn,μ1...μn}]ν1...νn  φ{ν1...νn,ν1...νn})]
3473  using "cqt:2[lambda]"[axiom_inst, OF assms] "beta-C-cor:1"[THEN "→E"] "∀I" by fast
3474
3475AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
3476proof -
3477  AOT_modally_strict {
3478    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
3479    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
3480      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
3481    ultimately AOT_show φ{κ1...κn}
3482      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
3483  }
3484qed
3485
3486AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
3487  using "betaC:1:a" "raa-cor:3" by blast
3488
3489lemmas "β→C" = "betaC:1:a" "betaC:1:b"
3490
3491AOT_theorem "betaC:2:a": μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3492proof -
3493  AOT_modally_strict {
3494    AOT_assume 1: μ1...μn φ{μ1...μn}] and 2: κ1...κn and 3: φ{κ1...κn}
3495    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
3496      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)] by blast
3497  }
3498  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3499    by blast
3500qed
3501
3502AOT_theorem "betaC:2:b": μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn  ¬φ{κ1...κn}
3503  using "betaC:2:a" "raa-cor:3" by blast
3504
3505lemmas "β←C" = "betaC:2:a" "betaC:2:b"
3506
3507AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
3508  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
3509
3510AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
3511  using "eta-conversion-lemma1:1". (* TODO: spurious in the embedding *)
3512
3513(* match (τ) in "λa . ?b" ⇒ ‹match (τ') in "λa . ?b" ⇒ ‹fail›› ¦ _ ⇒ ‹ *)
3514
3515text‹Note: not explicitly part of PLM.›
3516AOT_theorem id_sym: assumes τ = τ' shows τ' = τ
3517  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
3518        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
3519declare id_sym[sym]
3520
3521text‹Note: not explicitly part of PLM.›
3522AOT_theorem id_trans: assumes τ = τ' and τ' = τ'' shows τ = τ''
3523  using "rule=E" assms by blast
3524declare id_trans[trans]
3525
3526method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> = (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  3527rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"[THEN "→E", of v "«[Π]»", symmetric]]
3528)
3529(*
3530AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
3531  apply ("ηC" "«[P]»") defer
3532   apply ("ηC" "«[S]»") defer
3533  oops
3534*)
3535(* TODO: proper representation of eta_conversion_lemma2 *)
3536
3537AOT_theorem "sub-des-lam:1": z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}  z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3538proof(rule "→I")
3539  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
3540  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3541    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, τ}]»",
3542               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
3543    by blast
3544qed
3545
3546AOT_theorem "sub-des-lam:2": ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
3547  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»", OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
3548
3549AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
3550proof(rule "≡I"; rule "→I")
3551  AOT_assume F = G
3552  AOT_thus x (x[F]  x[G])
3553    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
3554next
3555  AOT_assume x (x[F]  x[G])
3556  AOT_hence x[F]  x[G] for x using "∀E" by blast
3557  AOT_hence (x[F]  x[G]) for x using "en-eq:6[1]"[THEN "≡E"(1)] by blast
3558  AOT_hence x (x[F]  x[G]) by (rule GEN)
3559  AOT_hence x (x[F]  x[G]) using BF[THEN "→E"] by fast
3560  AOT_thus "F = G" using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
3561qed
3562
3563AOT_theorem "relations:1":
3564  assumes INSTANCE_OF_CQT_2(φ)
3565  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
3566  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
3567  using "cqt:2[lambda]"[OF assms, axiom_inst] "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
3568
3569AOT_theorem "relations:2":
3570  assumes INSTANCE_OF_CQT_2(φ)
3571  shows F x ([F]x  φ{x})
3572  using "relations:1" assms by blast
3573
3574AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
3575proof(rule RAA(2))
3576  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
3577  AOT_assume A: x « x»]
3578  AOT_have x (A!x & F (x[F]  F = x « x»]))
3579    using "A-objects"[axiom_inst] by fast
3580  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
3581    using "∃E"[rotated] by blast
3582  AOT_show ¬x G (x[G] & ¬[G]x)]
3583  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3584    AOT_assume B: x « x»]a
3585    AOT_hence G (a[G] & ¬[G]a) using "β→C" A by blast
3586    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3587    moreover AOT_have P = x « x»]
3588      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3589    ultimately AOT_have ¬x « x»]a
3590      using "rule=E" "&E"(2) by fast
3591    AOT_thus ¬x G (x[G] & ¬[G]x)] using B RAA by blast
3592  next
3593    AOT_assume B: ¬x « x»]a
3594    AOT_hence ¬G (a[G] & ¬[G]a) using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
3595    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3596    AOT_have G (a[G]  [G]a)
3597      by (AOT_subst "λ Π . «a[Π]  [Π]a»" "λ Π . «¬(a[Π] & ¬[Π]a)»")
3598         (auto simp: "oth-class-taut:1:a" C)
3599    AOT_hence ax « x»]  x « x»]a using "∀E" A by blast
3600    moreover AOT_have ax « x»] using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
3601      using "=I"(1)[OF A] by blast
3602    ultimately AOT_show ¬x G (x[G] & ¬[G]x)] using B "→E" RAA by blast
3603  qed
3604qed(simp)
3605
3606AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
3607proof(rule RAA(2))
3608  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
3609  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x)) using "∃E"[rotated] by blast
3610  AOT_have x (A!x & G (x[G]  G = F))
3611    using "A-objects"[axiom_inst] by fast
3612  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
3613    using "∃E"[rotated] by blast
3614  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
3615  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3616    AOT_assume B: [F]a
3617    AOT_hence G (a[G] & ¬[G]a) using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
3618    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3619    moreover AOT_have P = F
3620      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3621    ultimately AOT_have ¬[F]a
3622      using "rule=E" "&E"(2) by fast
3623    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x)) using B RAA by blast
3624  next
3625    AOT_assume B: ¬[F]a
3626    AOT_hence ¬G (a[G] & ¬[G]a)
3627      using "oth-class-taut:4:b"[THEN "≡E"(1), OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)] by simp
3628    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3629    AOT_have G (a[G]  [G]a)
3630      by (AOT_subst "λ Π . «a[Π]  [Π]a»" "λ Π . «¬(a[Π] & ¬[Π]a)»")
3631         (auto simp: "oth-class-taut:1:a" C)
3632    AOT_hence a[F]  [F]a using "∀E" by blast
3633    moreover AOT_have a[F] using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
3634      using "=I"(2) by blast
3635    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x)) using B "→E" RAA by blast
3636  qed
3637qed(simp)
3638
3639AOT_theorem "block-paradox:3": ¬y z z = y]
3640proof(rule RAA(2))
3641  AOT_assume θ: y z z = y]
3642  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
3643    using "A-objects"[axiom_inst] by force
3644  then AOT_obtain a where a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
3645    using "∃E"[rotated] by blast
3646  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
3647    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
3648  AOT_show ¬y z z = y]
3649  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3650    AOT_assume A: az z = a]
3651    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
3652      using ζ[THEN "≡E"(1)] by blast
3653    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
3654      using "∃E"[rotated] by blast
3655    moreover AOT_have a = a by (rule "=I")
3656    moreover AOT_have z z = a] using θ "∀E" by blast
3657    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
3658    ultimately AOT_have z z = a]a using "β←C" by blast
3659    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
3660    AOT_hence a = b using "β→C" by blast
3661    AOT_hence bz z = a] using A "rule=E" by fast
3662    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
3663  next
3664    AOT_assume A: ¬az z = a]
3665    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
3666      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3667    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
3668      using "cqt-further:4"[THEN "→E"] by blast
3669    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
3670      using "∀E" by blast
3671    AOT_hence z z = a] = z z = a]  az z = a]
3672      by (metis "&I" "deduction-theorem" "raa-cor:4")
3673    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
3674    AOT_thus ¬y z z = y] using A RAA by blast
3675  qed
3676qed(simp)
3677
3678AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
3679proof(rule RAA(2))
3680  AOT_assume θ: y F x([F]x  x = y)
3681  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
3682    using "A-objects"[axiom_inst] by force
3683  then AOT_obtain a where a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
3684    using "∃E"[rotated] by blast
3685  AOT_obtain F where F_prop: x ([F]x  x = a) using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
3686  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
3687    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
3688  AOT_show ¬y F x([F]x  x = y)
3689  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3690    AOT_assume A: a[F]
3691    AOT_hence z (y ([F]y  y = z) & ¬z[F])
3692      using ζ[THEN "≡E"(1)] by blast
3693    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
3694      using "∃E"[rotated] by blast
3695    moreover AOT_have [F]a using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
3696    ultimately AOT_have a = b using "∀E"(2) "≡E"(1) "&E" by fast
3697    AOT_hence a = b using "β→C" by blast
3698    AOT_hence b[F] using A "rule=E" by fast
3699    AOT_thus ¬y F x([F]x  x = y) using b_prop[THEN "&E"(2)] RAA by blast
3700  next
3701    AOT_assume A: ¬a[F]
3702    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
3703      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3704    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
3705      using "cqt-further:4"[THEN "→E"] by blast
3706    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
3707      using "∀E" by blast
3708    AOT_hence y ([F]y  y = a)  a[F]
3709      by (metis "&I" "deduction-theorem" "raa-cor:4")
3710    AOT_hence a[F] using F_prop "→E" by blast
3711    AOT_thus ¬y F x([F]x  x = y) using A RAA by blast
3712  qed
3713qed(simp)
3714
3715AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
3716proof(rule "raa-cor:2")
3717  AOT_assume Fxy([F]xy  y = x)
3718  then AOT_obtain F where F_prop: xy([F]xy  y = x) using "∃E"[rotated] by blast
3719  {
3720    fix x
3721    AOT_have 1: y([F]xy  y = x) using F_prop "∀E" by blast
3722    AOT_have 2: z [F]xz] by "cqt:2[lambda]"
3723    moreover AOT_have y(z [F]xz]y  y = x)
3724    proof(rule "∀I")
3725      fix y
3726      AOT_have z [F]xz]y  [F]xy
3727        using "beta-C-meta"[THEN "→E"] 2 by fast
3728      also AOT_have ...  y = x using 1 "∀E"
3729        by fast
3730      finally AOT_show z [F]xz]y  y = x.
3731    qed
3732    ultimately AOT_have Fy([F]y  y = x)
3733      using "∃I" by fast
3734  }
3735  AOT_hence xFy([F]y  y = x)
3736    by (rule GEN)
3737  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
3738    using "&I" "block-paradox:4" by blast
3739qed
3740
3741AOT_act_theorem "block-paradox2:1": x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3742proof(rule "→I"; rule "raa-cor:2")
3743  AOT_assume antecedant: x [G]x
3744  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
3745  proof(rule GEN)
3746    fix x
3747    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x))  ∃!y (y = x & H (x[H] & ¬[H]x))
3748    proof(rule "≡I"; rule "→I")
3749      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
3750      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
3751        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
3752      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
3753        using "1-exists:1"[THEN "≡E"(1)] by blast
3754    next
3755      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3756      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x) and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
3757        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3758      AOT_have a_3: [G]a
3759        using antecedant "∀E" by blast
3760      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
3761        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
3762        apply (rule "∃I"(2))
3763        using a_1 a_2 a_3 "&I" by blast
3764    qed
3765    also AOT_have B: ...  H (x[H] & ¬[H]x)
3766    proof (rule "≡I"; rule "→I")
3767      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3768      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
3769        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3770      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
3771    next
3772      AOT_assume H (x[H] & ¬[H]x)
3773      AOT_hence x = x & H (x[H] & ¬[H]x)
3774        using "id-eq:1" "&I" by blast
3775      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
3776        by (simp add: "Conjunction Simplification"(1) "universal-cor")
3777      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
3778        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
3779    qed
3780    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
3781  qed
3782
3783  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3784  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  [G]ιy(y = x & H (x[H] & ¬[H]x)))
3785    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
3786  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
3787    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
3788  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
3789    using "∃I"(1) A by fast
3790  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) & (¬F x ([F]x  H (x[H] & ¬[H]x)))
3791    using "block-paradox:2" "&I" by blast
3792qed
3793
3794AOT_act_theorem "block-paradox2:2": G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3795proof(rule "∃I"(1))
3796  AOT_have 0: x p (p p)]
3797    by "cqt:2[lambda]"
3798  moreover AOT_have x x p (p p)]x
3799    apply (rule GEN)
3800    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
3801    using "if-p-then-p" GEN by fast
3802  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
3803      using "block-paradox2:1" "∀I" by fast
3804  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
3805    using "∀E"(1) "→E" by blast
3806qed("cqt:2[lambda]")
3807
3808AOT_theorem propositions: p (p  φ)
3809proof(rule "∃I"(1))
3810  AOT_show (φ  φ)
3811    by (simp add: RN "oth-class-taut:3:a")
3812next
3813  AOT_show φ
3814    by (simp add: "log-prop-prop:2")
3815qed
3816
3817AOT_theorem "pos-not-equiv-ne:1": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3818proof (rule "→I")
3819  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3820  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3821    using "KBasic:11"[THEN "≡E"(2)] by blast
3822  AOT_hence ¬(F = G)
3823    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
3824  AOT_thus F  G
3825    using "=-infix"[THEN "≡dfI"] by blast
3826qed
3827
3828AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
3829proof (rule "→I")
3830  AOT_modally_strict {
3831    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
3832    proof (rule "→I"; rule "raa-cor:2")
3833      AOT_assume 1: F = G
3834      AOT_hence φ{F}  φ{G} using "l-identity"[axiom_inst, THEN "→E"] by blast
3835      moreover {
3836        AOT_have G = F using 1 id_sym by blast
3837        AOT_hence φ{G}  φ{F} using "l-identity"[axiom_inst, THEN "→E"] by blast
3838      }
3839      ultimately AOT_have φ{F}  φ{G} using "≡I" by blast
3840      moreover AOT_assume ¬(φ{F}  φ{G})
3841      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
3842        using "&I" by blast
3843    qed
3844  }
3845  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
3846    using "RM:2[prem]" by blast
3847  moreover AOT_assume ¬(φ{F}  φ{G})
3848  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
3849  AOT_have (F  G)
3850    by (AOT_subst "«F  G»" "«¬(F = G)»")
3851       (auto simp: "=-infix" "≡Df" 0)
3852  AOT_thus F  G
3853    using "id-nec2:3"[THEN "→E"] by blast
3854qed
3855
3856AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
3857proof (rule "→I")
3858  AOT_modally_strict {
3859    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
3860    proof (rule "→I"; rule "raa-cor:2")
3861      AOT_assume 1: p = q
3862      AOT_hence φ{p}  φ{q} using "l-identity"[axiom_inst, THEN "→E"] by blast
3863      moreover {
3864        AOT_have q = p using 1 id_sym by blast
3865        AOT_hence φ{q}  φ{p} using "l-identity"[axiom_inst, THEN "→E"] by blast
3866      }
3867      ultimately AOT_have φ{p}  φ{q} using "≡I" by blast
3868      moreover AOT_assume ¬(φ{p}  φ{q})
3869      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
3870        using "&I" by blast
3871    qed
3872  }
3873  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
3874    using "RM:2[prem]" by blast
3875  moreover AOT_assume ¬(φ{p}  φ{q})
3876  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
3877  AOT_have (p  q)
3878    by (AOT_subst "«p  q»" "«¬(p = q)»")
3879       (auto simp: 0 "=-infix" "≡Df")
3880  AOT_thus p  q
3881    using "id-nec2:3"[THEN "→E"] by blast
3882qed
3883
3884AOT_theorem "pos-not-equiv-ne:3": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3885  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
3886
3887AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
3888  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
3889
3890AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
3891  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"] "T◇"[THEN "→E"] by blast
3892
3893AOT_define relation_negation ::  Π" ("_-")
3894  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
3895
3896nonterminal φneg
3897syntax "" :: "φneg  τ" ("_")
3898syntax "" :: "φneg  φ" ("'(_')")
3899
3900AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
3901  "df-relation-negation[zero]": "(p)- =df  ¬p]"
3902
3903AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
3904  by "cqt:2[lambda]"
3905
3906AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
3907  using "cqt:2[lambda0]"[axiom_inst] by blast
3908
3909AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
3910  using "=I"(1)[OF "rel-neg-T:1"]
3911  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
3912
3913AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
3914  using "=I"(1)[OF "rel-neg-T:1[zero]"]
3915  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
3916
3917AOT_theorem "rel-neg-T:3": [Π]-
3918  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"] "rel-neg-T:1" by blast
3919
3920AOT_theorem "rel-neg-T:3[zero]": (φ)-
3921  using "log-prop-prop:2" by blast
3922(*  using "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"] "rel-neg-T:1[zero]" by blast *)
3923
3924(* Note: PLM states the zero place case twice *)
3925AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
3926proof -
3927  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
3928    using "rule=E"[rotated, OF "rel-neg-T:2"] "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
3929    "→I" "≡I" by fast
3930  also AOT_have ...  ¬[F]x1...xn
3931    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
3932  finally show ?thesis.
3933qed
3934
3935AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
3936  apply (AOT_subst "«[F]x1...xn»" "«¬¬[F]x1...xn»")
3937   apply (simp add: "oth-class-taut:3:b")
3938  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
3939  using "thm-relation-negation:1".
3940
3941AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
3942proof -
3943  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
3944  AOT_hence ((p)-)   ¬p]
3945    using "df-relation-negation[zero]" "log-prop-prop:2" "oth-class-taut:3:a" "rule-id-df:2:a" by blast
3946  also AOT_have  ¬p]  ¬p
3947    by (simp add: "propositions-lemma:2")
3948  finally show ?thesis.
3949qed
3950
3951AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
3952  using "thm-relation-negation:3"[THEN "≡E"(1)]
3953        "thm-relation-negation:3"[THEN "≡E"(2)]
3954        "≡I" "→I" RAA by metis
3955
3956AOT_theorem "thm-relation-negation:5": [F]  [F]-
3957proof -
3958  AOT_have ¬([F] = [F]-)
3959  proof (rule RAA(2))
3960    AOT_show [F]x1...xn  [F]x1...xn for x1xn
3961      using "if-p-then-p".
3962  next
3963    AOT_assume [F] = [F]-
3964    AOT_hence [F]- = [F] using id_sym by blast
3965    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
3966      using "rule=E" "thm-relation-negation:1" by fast
3967    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
3968      using "≡E" RAA by metis
3969  qed
3970  thus ?thesis
3971    using "≡dfI" "=-infix" by blast
3972qed
3973
3974AOT_theorem "thm-relation-negation:6": p  (p)-
3975proof -
3976  AOT_have ¬(p = (p)-)
3977  proof (rule RAA(2))
3978    AOT_show p  p
3979      using "if-p-then-p".
3980  next
3981    AOT_assume p = (p)-
3982    AOT_hence (p)- = p using id_sym by blast
3983    AOT_hence p  ¬p
3984      using "rule=E" "thm-relation-negation:3" by fast
3985    AOT_thus ¬(p  p)
3986      using "≡E" RAA by metis
3987  qed
3988  thus ?thesis
3989    using "≡dfI" "=-infix" by blast
3990qed
3991
3992AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
3993  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
3994  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]" "propositions-lemma:1" id_trans by blast+
3995
3996AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
3997proof(rule "→I")
3998  AOT_assume p = q
3999  moreover AOT_have (¬p) using "log-prop-prop:2".
4000  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4001  ultimately AOT_show (¬p) = (¬q)
4002    using "rule=E" by fast
4003qed
4004
4005AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4006proof(rule "→I")
4007  AOT_assume p = q
4008  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4009  AOT_thus (p)- = (q)-
4010    using "thm-relation-negation:7" id_sym id_trans by metis
4011qed
4012
4013AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4014  "contingent-properties:1": Necessary([F]) df x1...∀xn [F]x1...xn
4015
4016AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4017  "contingent-properties:1[zero]": Necessary0(p) df p
4018
4019AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4020  "contingent-properties:2": Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4021
4022AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4023  "contingent-properties:2[zero]": Impossible0(p) df ¬p
4024
4025AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4026  "contingent-properties:3": NonContingent([F]) df Necessary([F])  Impossible([F])
4027
4028AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4029  "contingent-properties:3[zero]": NonContingent0(p) df Necessary0(p)  Impossible0(p)
4030
4031AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4032  "contingent-properties:4": Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4033
4034AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4035  "contingent-properties:4[zero]": Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4036
4037
4038AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4039proof (rule "≡I"; rule "→I")
4040  AOT_assume NonContingent([F])
4041  AOT_hence Necessary([F])  Impossible([F])
4042    using "≡dfE"[OF "contingent-properties:3"] by blast
4043  moreover {
4044    AOT_assume Necessary([F])
4045    AOT_hence (x1...∀xn [F]x1...xn)
4046      using "≡dfE"[OF "contingent-properties:1"] by blast
4047    moreover AOT_modally_strict {
4048      AOT_assume x1...∀xn [F]x1...xn
4049      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4050      AOT_hence ¬[F]-x1...xn for x1xn
4051        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:2" "≡E"(1))
4052      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4053    }
4054    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4055      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4056    AOT_hence Impossible([F]-)
4057      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(2)]
4058      by blast
4059  }
4060  moreover {
4061    AOT_assume Impossible([F])
4062    AOT_hence (x1...∀xn ¬[F]x1...xn)
4063      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4064      by blast
4065    moreover AOT_modally_strict {
4066      AOT_assume x1...∀xn ¬[F]x1...xn
4067      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4068      AOT_hence [F]-x1...xn for x1xn
4069        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(1))
4070      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4071    }
4072    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4073      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4074    AOT_hence Necessary([F]-)
4075      using "≡dfI"[OF "contingent-properties:1"] by blast
4076  }
4077  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4078    using "∨E"(1) "∨I" "→I" by metis
4079  AOT_thus NonContingent([F]-)
4080    using "≡dfI"[OF "contingent-properties:3"] by blast
4081next
4082  AOT_assume NonContingent([F]-)
4083  AOT_hence Necessary([F]-)  Impossible([F]-)
4084    using "≡dfE"[OF "contingent-properties:3"] by blast
4085  moreover {
4086    AOT_assume Necessary([F]-)
4087    AOT_hence (x1...∀xn [F]-x1...xn)
4088      using "≡dfE"[OF "contingent-properties:1"] by blast
4089    moreover AOT_modally_strict {
4090      AOT_assume x1...∀xn [F]-x1...xn
4091      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4092      AOT_hence ¬[F]x1...xn for x1xn
4093        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(2))
4094      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4095    }
4096    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4097      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4098    AOT_hence Impossible([F])
4099      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4100      by blast
4101  }
4102  moreover {
4103    AOT_assume Impossible([F]-)
4104    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4105      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(1)]
4106      by blast
4107    moreover AOT_modally_strict {
4108      AOT_assume x1...∀xn ¬[F]-x1...xn
4109      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4110      AOT_hence [F]x1...xn for x1xn 
4111        using "thm-relation-negation:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4112              "useful-tautologies:1"[THEN "→E"] by blast
4113      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4114    }
4115    ultimately AOT_have (x1...∀xn [F]x1...xn)
4116      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4117    AOT_hence Necessary([F])
4118      using "≡dfI"[OF "contingent-properties:1"] by blast
4119  }
4120  ultimately AOT_have Necessary([F])  Impossible([F])
4121    using "∨E"(1) "∨I" "→I" by metis
4122  AOT_thus NonContingent([F])
4123    using "≡dfI"[OF "contingent-properties:3"] by blast
4124qed
4125
4126AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
4127proof -
4128  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
4129    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]]
4130    by blast
4131  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
4132    using "oth-class-taut:5:d" by fastforce
4133  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
4134    by (simp add: "Commutativity of &")
4135  also AOT_have ...  x [F]x & ¬Necessary([F])
4136  proof (rule "oth-class-taut:4:e"[THEN "→E"])
4137    AOT_have ¬Impossible([F])  ¬¬ x [F]x
4138      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4139      apply (AOT_subst "«x [F]x»" "«¬ x ¬[F]x»")
4140       apply (simp add: "conventions:4" "≡Df")
4141      apply (AOT_subst_rev "«x ¬[F]x»" "«¬¬x ¬[F]x»" )
4142       apply (simp add: "oth-class-taut:3:b")
4143      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]] by blast
4144    also AOT_have ...  x [F]x
4145      using "conventions:5"[THEN "≡Df", symmetric] by blast
4146    finally AOT_show ¬Impossible([F])  x [F]x .
4147  qed
4148  also AOT_have ...  x [F]x & x ¬[F]x
4149  proof (rule "oth-class-taut:4:f"[THEN "→E"])
4150    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
4151      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4152      apply (AOT_subst "«x ¬[F]x»" "«¬ x ¬¬[F]x»")
4153       apply (simp add: "conventions:4" "≡Df")
4154      apply (AOT_subst_rev "λ κ . «[F]κ»" "λ κ . «¬¬[F]κ»")
4155       apply (simp add: "oth-class-taut:3:b")
4156      apply (AOT_subst_rev "«x [F]x»" "«¬¬x [F]x»")
4157      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
4158    also AOT_have ...  x ¬[F]x
4159      using "conventions:5"[THEN "≡Df", symmetric] by blast
4160    finally AOT_show ¬Necessary([F])  x ¬[F]x.
4161  qed
4162  finally show ?thesis.
4163qed
4164
4165AOT_theorem "thm-cont-prop:3": Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
4166proof -
4167  {
4168    fix Π :: <κ>
4169    AOT_assume Π
4170    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4171      using "thm-cont-prop:2" GEN by fast
4172    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
4173      using "thm-cont-prop:2" "∀E" by fast
4174  } note 1 = this
4175  AOT_have Contingent([F])  x [F]x & x ¬[F]x
4176    using "thm-cont-prop:2" by blast
4177  also AOT_have ...  x ¬[F]x & x [F]x
4178    by (simp add: "Commutativity of &")
4179  also AOT_have ...  x [F]-x & x [F]x
4180    by (AOT_subst "λ κ . «[F]-κ»"  "λκ . «¬[F]κ»")
4181       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
4182  also AOT_have ...  x [F]-x & x ¬[F]-x
4183    by (AOT_subst_rev "λ κ . «¬[F]-κ»"  "λκ . «[F]κ»")
4184       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
4185  also AOT_have ...  Contingent([F]-)
4186    using 1[OF "rel-neg-T:3", symmetric] by blast
4187  finally show ?thesis.
4188qed
4189
4190AOT_define concrete_if_concrete :: ‹Π› ("L")  L_def: L =df x E!x  E!x]
4191
4192AOT_theorem "thm-noncont-e-e:1": Necessary(L)
4193proof -
4194  AOT_modally_strict {
4195    fix x
4196    AOT_have x E!x  E!x] by "cqt:2[lambda]"
4197    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4198    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4199    ultimately AOT_have x E!x  E!x]x
4200      using "β←C" by blast
4201  }
4202  AOT_hence 0: x x E!x  E!x]x
4203    using RN GEN by blast
4204  show ?thesis
4205    apply (rule "=dfI"(2)[OF L_def])
4206     apply "cqt:2[lambda]"
4207    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
4208qed
4209
4210AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
4211proof -
4212  AOT_modally_strict {
4213    fix x
4214
4215    AOT_have 0: F (¬[F]-x  [F]x)
4216      using "thm-relation-negation:2" GEN by fast
4217    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
4218      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
4219    moreover {
4220      AOT_have x E!x  E!x] by "cqt:2[lambda]"
4221      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4222      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4223      ultimately AOT_have x E!x  E!x]x
4224        using "β←C" by blast
4225    }
4226    ultimately AOT_have ¬x E!x  E!x]-x
4227      using "≡E" by blast
4228  }
4229  AOT_hence 0: x ¬x E!x  E!x]-x
4230    using RN GEN by fast
4231  show ?thesis
4232    apply (rule "=dfI"(2)[OF L_def])
4233     apply "cqt:2[lambda]"
4234    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
4235     using "rel-neg-T:3"
4236     apply blast
4237    using 0
4238    by blast
4239qed
4240
4241AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
4242  using "thm-noncont-e-e:1"
4243  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
4244
4245AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
4246proof -
4247  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
4248    using "thm-cont-prop:1" "∀I" by fast
4249  moreover AOT_have 1: L
4250    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4251  AOT_show NonContingent([L]-)
4252    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
4253qed
4254
4255AOT_theorem "thm-noncont-e-e:5": F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
4256proof (rule "∃I")+
4257  {
4258    AOT_have F [F]  [F]- using "thm-relation-negation:5" GEN by fast
4259    moreover AOT_have L
4260      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4261    ultimately AOT_have L  [L]- using "∀E" by blast
4262  }
4263  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
4264    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
4265next
4266  AOT_show [L]-
4267    using "rel-neg-T:3" by blast
4268next
4269  AOT_show L
4270      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4271qed
4272
4273AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4274proof -
4275  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
4276    using "BF◇" "CBF◇" "≡I" by blast
4277  also AOT_have   x ([F]x &  ¬[F]x)
4278    by (AOT_subst λκ. «([F]κ & ¬[F]κ)»  λ κ .  «[F]κ &  ¬[F]κ»)
4279       (auto simp: "S5Basic:11" "cqt-further:7")
4280  also AOT_have   x (¬[F]x & [F]x)
4281    by (AOT_subst λκ. «¬[F]κ & [F]κ»  λ κ .  «[F]κ & ¬[F]κ»)
4282       (auto simp: "Commutativity of &" "cqt-further:7")
4283  also AOT_have   x (¬[F]x & [F]x)
4284    by (AOT_subst λ κ .  «(¬[F]κ & [F]κ)» λκ. «¬[F]κ & [F]κ»)
4285       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
4286  also AOT_have   x (¬[F]x & [F]x)
4287    using "BF◇" "CBF◇" "≡I" by fast
4288  finally show ?thesis.
4289qed
4290
4291AOT_theorem "lem-cont-e:2": x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
4292proof -
4293  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4294    using "lem-cont-e:1".
4295  also AOT_have   x ([F]-x & ¬[F]-x)
4296    apply (AOT_subst "λ κ . «¬[F]-κ»" "λ κ . «[F]κ»")
4297     apply (simp add: "thm-relation-negation:2")
4298    apply (AOT_subst "λ κ . «[F]-κ»" "λ κ . «¬[F]κ»")
4299     apply (simp add: "thm-relation-negation:1")
4300    by (simp add: "oth-class-taut:3:a")
4301  finally show ?thesis.
4302qed
4303
4304AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
4305proof (rule "CBF◇"[THEN "→E"])
4306  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
4307  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4308  AOT_hence θ: E!a & ¬𝒜E!a
4309    using "KBasic2:3"[THEN "→E"] by blast
4310  AOT_have ξ: E!a & 𝒜¬E!a
4311    by (AOT_subst  "«𝒜¬E!a»" "«¬𝒜E!a»")
4312       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
4313  AOT_have ζ: E!a & 𝒜¬E!a
4314    by (AOT_subst "«𝒜¬E!a»" "«𝒜¬E!a»")
4315       (auto simp add: "Act-Sub:4" ξ)
4316  AOT_hence E!a & ¬E!a
4317    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
4318  AOT_hence (E!a & ¬E!a) using "S5Basic:11"[THEN "≡E"(2)] by simp
4319  AOT_thus x (E!x & ¬E!x) using "∃I"(2) by fast
4320qed
4321
4322AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
4323proof -
4324  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
4325    using "lem-cont-e:1" GEN by fast
4326  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
4327    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4328  thus ?thesis using "thm-cont-e:1" "≡E" by blast
4329qed
4330
4331AOT_theorem "thm-cont-e:3": x E!x
4332proof (rule "CBF◇"[THEN "→E"])
4333  AOT_obtain a where (E!a & ¬E!a)
4334    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4335  AOT_hence E!a
4336    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
4337  AOT_thus x E!x using "∃I" by fast
4338qed
4339
4340AOT_theorem "thm-cont-e:4": x ¬E!x
4341proof (rule "CBF◇"[THEN "→E"])
4342  AOT_obtain a where (E!a & ¬E!a)
4343    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4344  AOT_hence ¬E!a
4345    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
4346  AOT_hence ¬E!a
4347    using "4◇"[THEN "→E"] by blast
4348  AOT_thus x ¬E!x using "∃I" by fast
4349qed
4350
4351AOT_theorem "thm-cont-e:5": Contingent([E!])
4352proof -
4353  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4354    using "thm-cont-prop:2" GEN by fast
4355  AOT_hence Contingent([E!])  x E!x & x ¬E!x
4356    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4357  thus ?thesis
4358    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
4359qed
4360
4361AOT_theorem "thm-cont-e:6": Contingent([E!]-)
4362proof -
4363  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
4364    using "thm-cont-prop:3" GEN by fast
4365  AOT_hence Contingent([E!])  Contingent([E!]-)
4366    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4367  thus ?thesis using "thm-cont-e:5" "≡E" by blast
4368qed
4369
4370AOT_theorem "thm-cont-e:7": FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
4371proof (rule "∃I")+
4372  AOT_have F [«F::<κ>»]  [F]- using "thm-relation-negation:5" GEN by fast
4373  AOT_hence [E!]  [E!]-
4374    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4375  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
4376    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
4377next
4378  AOT_show E!-
4379    by (fact AOT)
4380next
4381  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
4382qed
4383
4384AOT_theorem "property-facts:1": NonContingent([F])  ¬G (Contingent([G]) & G = F)
4385proof (rule "→I"; rule "raa-cor:2")
4386  AOT_assume NonContingent([F])
4387  AOT_hence 1: Necessary([F])  Impossible([F])
4388    using "contingent-properties:3"[THEN "≡dfE"] by blast
4389  AOT_assume G (Contingent([G]) & G = F)
4390  then AOT_obtain G where Contingent([G]) & G = F using "∃E"[rotated] by blast
4391  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
4392  AOT_hence ¬(Necessary([F])  Impossible([F]))
4393    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4394  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4395    using 1 "&I" by blast
4396qed
4397
4398AOT_theorem "property-facts:2": Contingent([F])  ¬G (NonContingent([G]) & G = F)
4399proof (rule "→I"; rule "raa-cor:2")
4400  AOT_assume Contingent([F])
4401  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
4402    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4403  AOT_assume G (NonContingent([G]) & G = F)
4404  then AOT_obtain G where NonContingent([G]) & G = F using "∃E"[rotated] by blast
4405  AOT_hence NonContingent([F]) using "rule=E" "&E" by blast
4406  AOT_hence Necessary([F])  Impossible([F])
4407    using "contingent-properties:3"[THEN "≡dfE"] by blast
4408  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4409    using 1 "&I" by blast
4410qed
4411
4412AOT_theorem "property-facts:3": L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
4413proof -
4414  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ Π Π'
4415    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
4416    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
4417  AOT_have contingent_denotes: Π if Contingent([Π]) for Π
4418    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
4419  AOT_have not_noncontingent_if_contingent: ¬NonContingent([Π]) if Contingent([Π]) for Π
4420  proof(rule RAA(2))
4421    AOT_show ¬(Necessary([Π])  Impossible([Π]))
4422      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF contingent_denotes[OF that], THEN "≡E"(1)] by blast
4423  next
4424    AOT_assume NonContingent([Π])
4425    AOT_thus Necessary([Π])  Impossible([Π])
4426      using "contingent-properties:3"[THEN "≡dfE"] by blast
4427  qed
4428
4429  show ?thesis
4430  proof (rule "&I")+
4431    AOT_show L  [L]-
4432      apply (rule "=dfI"(2)[OF L_def])
4433       apply "cqt:2[lambda]"
4434      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4435       apply (rule GEN) apply (fact AOT)
4436      by "cqt:2[lambda]"
4437  next
4438    AOT_show L  E!
4439      apply (rule noneqI)
4440      using "thm-noncont-e-e:3" not_noncontingent_if_contingent[OF "thm-cont-e:5"]
4441      by auto
4442  next
4443    AOT_show L  E!-
4444      apply (rule noneqI)
4445      using "thm-noncont-e-e:3" apply fast
4446      apply (rule not_noncontingent_if_contingent)
4447      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4448      using "thm-cont-prop:3" GEN apply fast
4449      using "thm-cont-e:5" by fast+
4450  next
4451    AOT_show [L]-  E!-
4452      apply (rule noneqI)
4453      using "thm-noncont-e-e:4" apply fast
4454      apply (rule not_noncontingent_if_contingent)
4455      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4456      using "thm-cont-prop:3" GEN apply fast
4457      using "thm-cont-e:5" by fast+
4458  next
4459    AOT_show E!  E!-
4460      apply (rule "=dfI"(2)[OF L_def])
4461       apply "cqt:2[lambda]"
4462      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4463       apply (rule GEN) apply (fact AOT)
4464      by (fact "cqt:2[concrete]"[axiom_inst])
4465  qed
4466qed
4467
4468AOT_theorem "thm-cont-propos:1": NonContingent0(p)  NonContingent0(((p)-))
4469proof(rule "≡I"; rule "→I")
4470  AOT_assume NonContingent0(p)
4471  AOT_hence Necessary0(p)  Impossible0(p)
4472    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4473  moreover {
4474    AOT_assume Necessary0(p)
4475    AOT_hence 1: p using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4476    AOT_have ¬((p)-)
4477      by (AOT_subst "«¬((p)-)»" "AOT_term_of_var p")
4478         (auto simp add: 1 "thm-relation-negation:4")
4479    AOT_hence Impossible0(((p)-))
4480      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4481  }
4482  moreover {
4483    AOT_assume Impossible0(p)
4484    AOT_hence 1: ¬p
4485      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4486    AOT_have ((p)-)
4487      by (AOT_subst "«((p)-)»" "«¬p»") 
4488         (auto simp: 1 "thm-relation-negation:3")
4489    AOT_hence Necessary0(((p)-))
4490      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4491  }
4492  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
4493    using "∨E"(1) "∨I" "→I" by metis
4494  AOT_thus NonContingent0(((p)-))
4495    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4496next
4497  AOT_assume NonContingent0(((p)-))
4498  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
4499    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4500  moreover {
4501    AOT_assume Impossible0(((p)-))
4502    AOT_hence 1: ¬((p)-)
4503      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4504    AOT_have p
4505      by (AOT_subst_rev "«¬((p)-)»" "AOT_term_of_var p")
4506         (auto simp: 1 "thm-relation-negation:4")
4507    AOT_hence Necessary0(p)
4508      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
4509  }
4510  moreover {
4511    AOT_assume Necessary0(((p)-))
4512    AOT_hence 1: ((p)-)
4513      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
4514    AOT_have ¬p
4515      by (AOT_subst_rev "«((p)-)»" "«¬p»")
4516         (auto simp: 1 "thm-relation-negation:3")
4517    AOT_hence Impossible0(p)
4518      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4519  }
4520  ultimately AOT_have Necessary0(p)  Impossible0(p)
4521    using "∨E"(1) "∨I" "→I" by metis
4522  AOT_thus NonContingent0(p)
4523    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4524qed
4525
4526AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
4527proof -
4528  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
4529    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
4530  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
4531    by (fact AOT)
4532  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
4533    by (fact AOT)
4534  also AOT_have   φ & ¬φ
4535    apply (AOT_subst "«φ»" "«¬¬φ»")
4536     apply (simp add: "conventions:5" "≡Df")
4537    apply (AOT_subst "«Impossible0(φ)»" "«¬φ»")
4538     apply (simp add: "contingent-properties:2[zero]" "≡Df")
4539    apply (AOT_subst_rev "«¬φ»" "«¬φ»")
4540     apply (simp add: "KBasic:11")
4541    apply (AOT_subst "«Necessary0(φ)»" "«φ»")
4542     apply (simp add: "contingent-properties:1[zero]" "≡Df")
4543    by (simp add: "oth-class-taut:3:a")
4544  finally show ?thesis.
4545qed
4546
4547AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
4548proof -
4549  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
4550  also AOT_have   ¬p & p by (fact AOT)
4551  also AOT_have   ((p)-) & p
4552    by (AOT_subst "«((p)-)»" "«¬p»")
4553       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
4554  also AOT_have   ((p)-) & ¬((p)-)
4555    by (AOT_subst "«¬((p)-)»" "AOT_term_of_var p")
4556       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
4557  also AOT_have   Contingent0(((p)-))
4558    using "thm-cont-propos:2"[symmetric] by blast
4559  finally show ?thesis.
4560qed
4561
4562AOT_define noncontingent_prop :: ‹φ› ("p0")
4563  p0_def: "(p0) =df (x (E!x  E!x))"
4564
4565AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
4566proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4567  AOT_show (p0)
4568    apply (rule "=dfI"(2)[OF p0_def])
4569    using "log-prop-prop:2" apply simp
4570    using "if-p-then-p" RN GEN by fast
4571qed
4572
4573AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
4574proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4575  AOT_show ¬((p0)-)
4576    apply (AOT_subst "«((p0)-)»" "«¬p0»")
4577    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4578    apply (AOT_subst_rev "«p0»" "«¬¬p0»" )
4579     apply (simp add: "oth-class-taut:3:b")
4580    apply (rule "=dfI"(2)[OF p0_def])
4581    using "log-prop-prop:2" apply simp
4582    using "if-p-then-p" RN GEN by fast
4583qed
4584
4585AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
4586  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4587  using "thm-noncont-propos:1" "∨I" by blast
4588
4589AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
4590  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4591  using "thm-noncont-propos:2" "∨I" by blast
4592
4593AOT_theorem "thm-noncont-propos:5": pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
4594proof(rule "∃I")+
4595  AOT_have 0: φ  (φ)- for φ
4596    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4597  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
4598    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
4599qed(auto simp: "log-prop-prop:2")
4600
4601AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
4602proof(rule "raa-cor:2")
4603  AOT_assume x(E!x & ¬𝒜E!x)
4604  then AOT_obtain a where a: E!a & ¬𝒜E!a
4605    using "∃E"[rotated] by blast
4606  AOT_hence 𝒜¬E!a using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
4607  AOT_hence ¬E!a using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
4608  AOT_hence E!a & ¬E!a using a "&E" "&I" by blast
4609  AOT_thus p & ¬p for p using "raa-cor:1" by blast
4610qed
4611
4612AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
4613proof(rule "raa-cor:2")
4614  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
4615  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
4616    using "Act-Basic:10"[THEN "≡E"(1)] by blast
4617  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4618  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a using "Act-Basic:2"[THEN "≡E"(1)] by blast
4619  AOT_hence ¬𝒜𝒜E!a using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
4620  AOT_hence ¬𝒜E!a using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
4621  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
4622qed
4623
4624AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
4625proof (rule RAA(1))
4626  AOT_show ¬𝒜x (E!x & ¬𝒜E!x) using "pos-not-pna:1" by blast
4627next
4628  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
4629  AOT_hence x (E!x & ¬𝒜E!x)
4630    using "KBasic:12"[THEN "≡E"(2)] by blast
4631  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
4632    using "nec-imp-act"[THEN "→E"] by blast
4633qed
4634
4635AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
4636proof -
4637  AOT_obtain a where (E!a & ¬𝒜E!a)
4638    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
4639  AOT_hence θ: E!a and ξ: ¬𝒜E!a using "KBasic2:3"[THEN "→E"] "&E" by blast+
4640  AOT_have ¬𝒜E!a using ξ "KBasic:11"[THEN "≡E"(2)] by blast
4641  AOT_hence ¬𝒜E!a using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)] by blast
4642  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
4643  thus ?thesis using "∃I" by fast
4644qed
4645
4646AOT_define contingent_prop :: φ ("q0")
4647  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
4648
4649AOT_theorem q0_prop: q0 & ¬q0
4650  apply (rule "=dfI"(2)[OF q0_def])
4651  apply (fact "log-prop-prop:2")
4652  apply (rule "&I")
4653   apply (fact "qml:4"[axiom_inst])
4654  by (fact "pos-not-pna:2")
4655
4656AOT_theorem "basic-prop:1": Contingent0((q0))
4657proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4658  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
4659  proof (rule "&I"; rule "=dfI"(2)[OF q0_def]; (rule "log-prop-prop:2" | rule "raa-cor:2"))
4660    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
4661    AOT_hence x (E!x & ¬𝒜E!x)
4662      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4663    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
4664      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
4665    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
4666      using "pos-not-pna:1" "&I" by blast
4667  next
4668    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
4669    AOT_hence ¬(x (E!x & ¬𝒜E!x))
4670      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4671    AOT_hence ¬(x (E!x & ¬𝒜E!x)) using "KBasic2:1"[THEN "≡E"(1)] by blast
4672    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
4673      using "qml:4"[axiom_inst] "&I" by blast
4674  qed
4675  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
4676    using "oth-class-taut:5:d" "≡E"(2) by blast
4677qed
4678
4679AOT_theorem "basic-prop:2": p Contingent0((p))
4680  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
4681
4682AOT_theorem "basic-prop:3": Contingent0(((q0)-))
4683  apply (AOT_subst "«(q0)-»" "«¬q0»")
4684   apply (insert "thm-relation-negation:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
4685  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4686  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
4687  apply (rule "&I")
4688   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4689   apply (rule "conventions:5"[THEN "≡dfE"])
4690   apply (rule "=dfE"(2)[OF q0_def])
4691    apply (rule "log-prop-prop:2")
4692   apply (rule q0_prop[THEN "&E"(1)])
4693  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4694  apply (rule "conventions:5"[THEN "≡dfE"])
4695  by (rule q0_prop[THEN "&E"(2)])
4696
4697AOT_theorem "basic-prop:4": pq (p  q & Contingent0(p) & Contingent0(q))
4698proof(rule "∃I")+
4699  AOT_have 0: φ  (φ)- for φ
4700    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4701  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
4702    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
4703qed(auto simp: "log-prop-prop:2")
4704
4705AOT_theorem "proposition-facts:1": NonContingent0(p)  ¬q (Contingent0(q) & q = p)
4706proof(rule "→I"; rule "raa-cor:2")
4707  AOT_assume NonContingent0(p)
4708  AOT_hence 1: Necessary0(p)  Impossible0(p)
4709    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4710  AOT_assume q (Contingent0(q) & q = p)
4711  then AOT_obtain q where Contingent0(q) & q = p using "∃E"[rotated] by blast
4712  AOT_hence Contingent0(p) using "rule=E" "&E" by fast
4713  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4714    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
4715qed
4716
4717AOT_theorem "proposition-facts:2": Contingent0(p)  ¬q (NonContingent0(q) & q = p)
4718proof(rule "→I"; rule "raa-cor:2")
4719  AOT_assume Contingent0(p)
4720  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
4721    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4722  AOT_assume q (NonContingent0(q) & q = p)
4723  then AOT_obtain q where NonContingent0(q) & q = p using "∃E"[rotated] by blast
4724  AOT_hence NonContingent0(p) using "rule=E" "&E" by fast
4725  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4726    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
4727qed
4728
4729AOT_theorem "proposition-facts:3": (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
4730proof -
4731  {
4732    fix χ φ ψ
4733    AOT_assume χ{φ}
4734    moreover AOT_assume ¬χ{ψ}
4735    ultimately AOT_have ¬(χ{φ}  χ{ψ})
4736      using RAA "≡E" by metis
4737    moreover {
4738      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
4739        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
4740      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
4741        using "∀E" "log-prop-prop:2" by blast
4742    }
4743    ultimately AOT_have φ  ψ
4744      using "→E" by blast
4745  } note 0 = this
4746  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
4747    using "thm-cont-propos:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4748  AOT_have not_noncontingent_if_contingent: ¬NonContingent0(φ) if Contingent0(φ) for φ
4749    apply (rule "contingent-properties:3[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4750    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4751  show ?thesis
4752    apply (rule "&I")+
4753    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4754       apply (rule 0)
4755    using "thm-noncont-propos:3" apply fast
4756       apply (rule not_noncontingent_if_contingent)
4757       apply (fact AOT)
4758      apply (rule 0)
4759    apply (rule "thm-noncont-propos:3")
4760      apply (rule not_noncontingent_if_contingent)
4761      apply (rule contingent_neg[THEN "≡E"(1)])
4762      apply (fact AOT)
4763     apply (rule 0)
4764    apply (rule "thm-noncont-propos:4")
4765      apply (rule not_noncontingent_if_contingent)
4766      apply (rule contingent_neg[THEN "≡E"(1)])
4767     apply (fact AOT)
4768    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4769qed
4770
4771AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
4772  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
4773
4774AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
4775  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
4776
4777AOT_theorem "cont-true-cont:1": ContingentlyTrue((p))  Contingent0((p))
4778proof(rule "→I")
4779  AOT_assume ContingentlyTrue((p))
4780  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
4781  AOT_have ¬Necessary0((p))
4782    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4783    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
4784  moreover AOT_have ¬Impossible0((p))
4785    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4786    apply (rule "conventions:5"[THEN "≡dfE"])
4787    using "T◇"[THEN "→E", OF 1].
4788  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4789    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4790  AOT_thus Contingent0((p))
4791    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4792qed
4793
4794AOT_theorem "cont-true-cont:2": ContingentlyFalse((p))  Contingent0((p))
4795proof(rule "→I")
4796  AOT_assume ContingentlyFalse((p))
4797  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
4798  AOT_have ¬Necessary0((p))
4799    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4800    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
4801  moreover AOT_have ¬Impossible0((p))
4802    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4803    apply (rule "conventions:5"[THEN "≡dfE"])
4804    using 2.
4805  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4806    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4807  AOT_thus Contingent0((p))
4808    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4809qed
4810
4811AOT_theorem "cont-true-cont:3": ContingentlyTrue((p))  ContingentlyFalse(((p)-))
4812proof(rule "≡I"; rule "→I")
4813  AOT_assume ContingentlyTrue((p))
4814  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4815  AOT_have 1: ContingentlyFalse(¬p)
4816    apply (rule "cont-tf:2"[THEN "≡dfI"])
4817    apply (AOT_subst_rev "AOT_term_of_var p" "«¬¬p»")
4818    by (auto simp: "oth-class-taut:3:b" 0)
4819  AOT_show ContingentlyFalse(((p)-))
4820    apply (AOT_subst "«(p)-»" "«¬p»")
4821    by (auto simp: "thm-relation-negation:3" 1)
4822next
4823  AOT_assume 1: ContingentlyFalse(((p)-))
4824  AOT_have ContingentlyFalse(¬p)
4825    by (AOT_subst_rev "«(p)-»" "«¬p»")
4826       (auto simp: "thm-relation-negation:3" 1)
4827  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
4828  AOT_hence p & ¬p
4829    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
4830  AOT_thus ContingentlyTrue((p))
4831    using "cont-tf:1"[THEN "≡dfI"] by blast
4832qed
4833
4834AOT_theorem "cont-true-cont:4": ContingentlyFalse((p))  ContingentlyTrue(((p)-))
4835proof(rule "≡I"; rule "→I")
4836  AOT_assume ContingentlyFalse(p)
4837  AOT_hence 0: ¬p & p
4838    using "cont-tf:2"[THEN "≡dfE"] by blast
4839  AOT_have ¬p & ¬¬p
4840    by (AOT_subst_rev "AOT_term_of_var p" "«¬¬p»")
4841       (auto simp: "oth-class-taut:3:b" 0)
4842  AOT_hence 1: ContingentlyTrue(¬p)
4843    by (rule "cont-tf:1"[THEN "≡dfI"])
4844  AOT_show ContingentlyTrue(((p)-))
4845    by (AOT_subst "«(p)-»" "«¬p»")
4846       (auto simp: "thm-relation-negation:3" 1)
4847next
4848  AOT_assume 1: ContingentlyTrue(((p)-))
4849  AOT_have ContingentlyTrue(¬p)
4850    by (AOT_subst_rev "«(p)-»" "«¬p»")
4851       (auto simp add: "thm-relation-negation:3" 1)
4852  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4853  AOT_have p
4854    by (AOT_subst "AOT_term_of_var p" "«¬¬p»")
4855       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
4856  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
4857  AOT_thus ContingentlyFalse(p)
4858    by (rule "cont-tf:2"[THEN "≡dfI"])
4859qed
4860
4861AOT_theorem "cont-true-cont:5": (ContingentlyTrue((p)) & Necessary0((q)))  p  q
4862proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4863  AOT_assume ContingentlyTrue((p))
4864  AOT_hence ¬p
4865    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
4866  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
4867  AOT_assume Necessary0((q))
4868  moreover AOT_assume ¬(p  q)
4869  AOT_hence p = q
4870    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4871          "useful-tautologies:1"[THEN "→E"] by blast
4872  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
4873  AOT_hence p
4874    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4875  AOT_thus p & ¬p using 0 "&I" by blast
4876qed
4877
4878AOT_theorem "cont-true-cont:6": (ContingentlyFalse((p)) & Impossible0((q)))  p  q
4879proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4880  AOT_assume ContingentlyFalse((p))
4881  AOT_hence p
4882    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
4883  AOT_hence 1: ¬¬p
4884    using "conventions:5"[THEN "≡dfE"] by blast
4885  AOT_assume Impossible0((q))
4886  moreover AOT_assume ¬(p  q)
4887  AOT_hence p = q
4888    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4889          "useful-tautologies:1"[THEN "→E"] by blast
4890  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
4891  AOT_hence ¬p
4892    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4893  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
4894qed
4895
4896AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
4897  apply (rule "cont-tf:2"[THEN "≡dfI"])
4898  apply (rule "=dfI"(2)[OF q0_def])
4899   apply (fact "log-prop-prop:2")
4900  apply (rule "&I")
4901   apply (fact "no-cnac")
4902  by (fact "qml:4"[axiom_inst])
4903
4904AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
4905  apply (rule "cont-tf:1"[THEN "≡dfI"])
4906  apply (rule "=dfI"(2)[OF q0_def])
4907   apply (fact "log-prop-prop:2")
4908  apply (rule "&I")
4909     apply (rule "thm-relation-negation:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
4910     apply (fact "no-cnac")
4911    apply (rule "rule=E"[rotated, OF "thm-relation-negation:7"[unvarify p, OF "log-prop-prop:2", THEN id_sym]])
4912  apply (AOT_subst_rev "«x (E!x & ¬𝒜E!x)»" "«¬¬(x  (E!x & ¬𝒜E!x))»")
4913  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
4914
4915(* TODO: q0cf-rem skipped for now *)
4916
4917AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
4918proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
4919  AOT_assume q0
4920  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
4921  AOT_thus ContingentlyTrue(q0)
4922    by (rule "cont-tf:1"[THEN "≡dfI"])
4923next
4924  AOT_assume ¬q0
4925  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
4926  AOT_hence ContingentlyFalse(q0)
4927    by (rule "cont-tf:2"[THEN "≡dfI"])
4928  AOT_thus ContingentlyTrue(((q0)-))
4929    by (rule "cont-true-cont:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
4930qed(auto simp: "log-prop-prop:2")
4931
4932
4933AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
4934proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
4935  AOT_assume q0
4936  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
4937  AOT_hence ContingentlyTrue(q0)
4938    by (rule "cont-tf:1"[THEN "≡dfI"])
4939  AOT_thus ContingentlyFalse(((q0)-))
4940    by (rule "cont-true-cont:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
4941next
4942  AOT_assume ¬q0
4943  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
4944  AOT_thus ContingentlyFalse(q0)
4945    by (rule "cont-tf:2"[THEN "≡dfI"])
4946qed(auto simp: "log-prop-prop:2")
4947
4948(* TODO: inspect modally strict subproof involving obtained variable *)
4949AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
4950proof -
4951  fix x
4952  AOT_obtain p1 where ContingentlyTrue((p1))
4953    using "cont-tf-thm:1" "∃E"[rotated] by blast
4954  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
4955  AOT_modally_strict {
4956    AOT_have for arbitrary p:  (z p]x  p)
4957      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4958    AOT_hence for arbitrary p:   (z p]x  p)
4959      by (rule RN)
4960    AOT_hence p (z p]x  p) using GEN by fast
4961    AOT_hence (z p1]x  p1) using "∀E" by fast
4962  } note 2 = this
4963  AOT_hence (z p1]x  p1) using "∀E" by blast
4964  AOT_hence z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
4965  moreover AOT_have ¬z p1]x
4966    apply (AOT_subst_using subst: 2[THEN "qml:2"[axiom_inst, THEN "→E"]])
4967    using 1[THEN "&E"(2)] by blast
4968  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
4969  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
4970  moreover AOT_have z p1] by "cqt:2[lambda]"
4971  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
4972qed
4973
4974(* TODO: inspect modally strict subproof involving obtained variable *)
4975AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
4976proof -
4977  fix x
4978  AOT_obtain p1 where ContingentlyFalse((p1))
4979    using "cont-tf-thm:2" "∃E"[rotated] by blast
4980  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
4981  AOT_modally_strict {
4982    AOT_have for arbitrary p:  (z p]x  p)
4983      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4984    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
4985      using "oth-class-taut:4:b" "≡E" by blast
4986    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
4987      by (rule RN)
4988    AOT_hence p (¬z p]x  ¬p) using GEN by fast
4989    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
4990  } note 2 = this
4991  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
4992  AOT_hence 3: ¬z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
4993  AOT_modally_strict {
4994    AOT_have for arbitrary p:  (z p]x  p)
4995      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4996    AOT_hence for arbitrary p:  (z p]x  p)
4997      by (rule RN)
4998    AOT_hence p (z p]x  p) using GEN by fast
4999    AOT_hence (z p1]x  p1) using "∀E" by fast
5000  } note 4 = this
5001  AOT_have z p1]x
5002    apply (AOT_subst_using subst: 4[THEN "qml:2"[axiom_inst, THEN "→E"]])
5003    using 1[THEN "&E"(2)] by blast
5004  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
5005  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
5006  moreover AOT_have z p1] by "cqt:2[lambda]"
5007  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5008qed
5009
5010context
5011begin
5012
5013private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5014    apply (rule "=dfI"(2)[OF L_def])
5015     apply "cqt:2[lambda]"
5016    apply (rule "beta-C-meta"[THEN "→E"])
5017  by "cqt:2[lambda]"
5018
5019private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5020    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5021
5022private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5023proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5024  fix x
5025  AOT_assume 1: φ
5026  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5027  also AOT_have   φ
5028    using "if-p-then-p" 1 "≡I" "→I" by simp
5029  also AOT_have   z φ]x
5030    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5031  finally AOT_show [L]x  z φ]x.
5032next
5033  fix x
5034  AOT_assume x([L]x  z φ]x)
5035  AOT_hence [L]x  z φ]x using "∀E" by blast
5036  also AOT_have   φ using eqnotnec_123_Aux_ω.
5037  finally AOT_have φ  [L]x using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5038  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
5039  finally AOT_show φ using "≡E" "if-p-then-p" by fast
5040qed
5041private lemmas eqnotnec_123_Aux_ξ =  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5042                      THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5043                      THEN "RM◇"]
5044private lemmas eqnotnec_123_Aux_ξ' = eqnotnec_123_Aux_θ[THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)], THEN "RM◇"]
5045
5046AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5047proof-
5048  AOT_obtain p1 where ContingentlyTrue(p1) using "cont-tf-thm:1" "∃E"[rotated] by blast
5049  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5050  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
5051    apply - apply (rule "&I")
5052    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)] eqnotnec_123_Aux_ξ "→E" by fast+
5053  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
5054    by (rule "∃I") "cqt:2[lambda]"
5055  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
5056    apply (rule "∃I")
5057    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5058qed
5059
5060AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5061proof-
5062  AOT_obtain p1 where ContingentlyFalse(p1) using "cont-tf-thm:2" "∃E"[rotated] by blast
5063  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5064  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
5065    apply - apply (rule "&I")
5066    using "&E" eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)] eqnotnec_123_Aux_ξ' "→E" by fast+
5067  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
5068    by (rule "∃I") "cqt:2[lambda]"
5069  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
5070    apply (rule "∃I")
5071    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5072qed
5073
5074AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5075proof-
5076  AOT_have ¬𝒜q0
5077    apply (rule "=dfI"(2)[OF q0_def])
5078     apply (fact "log-prop-prop:2")
5079    by (fact AOT)
5080  AOT_hence 𝒜¬q0
5081    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5082  AOT_hence 𝒜¬x ([L]x  z q0]x)
5083    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5084            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5085            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
5086  moreover AOT_have x ([L]x  z q0]x) using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
5087  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x) using "&I" by blast
5088  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
5089    by (rule "∃I") "cqt:2[lambda]"
5090  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5091    apply (rule "∃I")
5092    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5093qed
5094
5095end
5096
5097(* TODO[IMPORTANT]: proof of 219.4 ζ: appeal to (159.2) requires a theorem, but the result has local
5098   assumptions! *)
5099AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5100proof(rule GEN)
5101  fix F
5102
5103  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5104  proof(rule "→I"; rule GEN)
5105    AOT_modally_strict {
5106    fix x
5107    AOT_assume 0: ψ
5108    AOT_have z [F]z & ψ]x  [F]x & ψ
5109      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5110    also AOT_have ...  [F]x
5111      apply (rule "≡I"; rule "→I")
5112      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5113      using 0 "&I" by blast
5114    finally AOT_show [F]x  z [F]z & ψ]x
5115      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5116    }
5117  qed
5118
5119  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5120  proof (rule "→I"; rule GEN)
5121    AOT_modally_strict {
5122      fix x
5123      AOT_assume 0: ψ
5124      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5125        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5126      also AOT_have ...  [F]x
5127        apply (rule "≡I"; rule "→I")
5128        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5129        apply (rule "∨I"(1)) using 0 "&I" by blast
5130      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5131        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5132    }
5133  qed
5134
5135  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5136  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
5137  AOT_modally_strict {
5138      AOT_assume 0: ¬ψ
5139      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5140      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5141      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5142          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5143      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5144        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5145      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5146        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5147      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5148      ultimately AOT_have ψ using "≡E" "&E" by metis
5149      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5150    }
5151  qed
5152
5153  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5154  proof (rule "→I")
5155    AOT_assume A: z([F]z  z [F]z & ψ]z)
5156    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5157    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
5158          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
5159          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5160      AOT_modally_strict {
5161        AOT_assume z ([F]z  z [F]z & ψ]z)
5162        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5163        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5164        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5165        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5166        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5167      }
5168    next
5169      AOT_modally_strict {
5170        AOT_assume z ([F]z  z [F]z & ψ]z)
5171        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5172        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5173        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5174        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5175        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5176      }
5177    qed(auto simp: A)
5178  qed
5179
5180  AOT_obtain p1 where p1_prop: p1 & ¬p1 using "cont-tf-thm:1" "∃E"[rotated] "cont-tf:1"[THEN "≡dfE"] by blast
5181  {
5182    AOT_assume 1: x([F]x  z [F]z & p1]x)
5183    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5184      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5185    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5186      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5187    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5188      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5189    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) & ¬x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5190    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5191      by (rule "∃I"(1)) "cqt:2[lambda]"
5192  }
5193  moreover {
5194    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5195    AOT_hence ¬x([F]x  z [F]z & p1]x)
5196      using "KBasic:11"[THEN "≡E"(1)] by blast
5197    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
5198      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
5199    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5200      by (rule "∃I"(1)) "cqt:2[lambda]"
5201  }
5202  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5203    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5204qed
5205
5206AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5207proof(rule GEN)
5208  fix F
5209
5210  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5211  proof(rule "RM◇"; rule "→I"; rule GEN)
5212    AOT_modally_strict {
5213    fix x
5214    AOT_assume 0: ψ
5215    AOT_have z [F]z & ψ]x  [F]x & ψ
5216      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5217    also AOT_have ...  [F]x
5218      apply (rule "≡I"; rule "→I")
5219      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5220      using 0 "&I" by blast
5221    finally AOT_show [F]x  z [F]z & ψ]x
5222      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5223    }
5224  qed
5225
5226  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5227  proof (rule "RM◇"; rule "→I"; rule GEN)
5228    AOT_modally_strict {
5229      fix x
5230      AOT_assume 0: ψ
5231      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5232        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5233      also AOT_have ...  [F]x
5234        apply (rule "≡I"; rule "→I")
5235        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5236        apply (rule "∨I"(1)) using 0 "&I" by blast
5237      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5238        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5239    }
5240  qed
5241
5242  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5243  proof(rule "→I"; rule "raa-cor:2")
5244  AOT_modally_strict {
5245      AOT_assume 0: ¬ψ
5246      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5247      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5248      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5249          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5250      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5251        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5252      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5253        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5254      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5255      ultimately AOT_have ψ using "≡E" "&E" by metis
5256      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5257    }
5258  qed
5259
5260  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5261  proof (rule "→I"; rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5262    AOT_modally_strict {
5263      AOT_assume z ([F]z  z [F]z & ψ]z)
5264      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5265      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5266      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5267      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5268      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5269    }
5270  next
5271    AOT_modally_strict {
5272      AOT_assume z ([F]z  z [F]z & ψ]z)
5273      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5274      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5275      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5276      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5277      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5278    }
5279  qed
5280
5281  AOT_obtain p1 where p1_prop: ¬p1 & p1 using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
5282  {
5283    AOT_assume 1: x([F]x  z [F]z & p1]x)
5284    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5285      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5286    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5287      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5288    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5289      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5290    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) & x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5291    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5292      by (rule "∃I"(1)) "cqt:2[lambda]"
5293  }
5294  moreover {
5295    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5296    AOT_hence ¬x([F]x  z [F]z & p1]x)
5297      using "KBasic:11"[THEN "≡E"(1)] by blast
5298    AOT_hence ¬x ([F]x  z [F]z & p1]x) & x([F]x  z [F]z & p1]x)
5299      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
5300    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5301      by (rule "∃I"(1)) "cqt:2[lambda]"
5302  }
5303  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5304    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5305qed
5306
5307AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5308proof(rule GEN)
5309  fix F
5310
5311  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5312  proof(rule "RM◇"; rule "→I"; rule GEN)
5313    AOT_modally_strict {
5314    fix x
5315    AOT_assume 0: ψ
5316    AOT_have z [F]z & ψ]x  [F]x & ψ
5317      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5318    also AOT_have ...  [F]x
5319      apply (rule "≡I"; rule "→I")
5320      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5321      using 0 "&I" by blast
5322    finally AOT_show [F]x  z [F]z & ψ]x
5323      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5324    }
5325  qed
5326
5327  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5328  proof (rule "RM◇"; rule "→I"; rule GEN)
5329    AOT_modally_strict {
5330      fix x
5331      AOT_assume 0: ψ
5332      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5333        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5334      also AOT_have ...  [F]x
5335        apply (rule "≡I"; rule "→I")
5336        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5337        apply (rule "∨I"(1)) using 0 "&I" by blast
5338      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5339        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5340    }
5341  qed
5342
5343  AOT_have Aux_C:  𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5344  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
5345  AOT_modally_strict {
5346      AOT_assume 0: ¬ψ
5347      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5348      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5349      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5350          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5351      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5352        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5353      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5354        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5355      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5356      ultimately AOT_have ψ using "≡E" "&E" by metis
5357      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5358    }
5359  qed
5360
5361  AOT_have Aux_D: 𝒜z ([F]z  z [F]z & ψ]z)  (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5362  proof (rule "→I"; rule "Act-Basic:5"[THEN "≡E"(1)])
5363    AOT_assume 𝒜z ([F]z  z [F]z & ψ]z)
5364    AOT_thus 𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))
5365    proof (rule "RA[3]"[where Γ="{«z ([F]z  z [F]z & ψ]z)»}", simplified, rotated])
5366      AOT_modally_strict {
5367        AOT_assume z ([F]z  z [F]z & ψ]z)
5368        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5369          apply -
5370        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5371        AOT_modally_strict {
5372          AOT_assume z ([F]z  z [F]z & ψ]z)
5373          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5374          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5375          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5376          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5377          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5378        }
5379      next
5380        AOT_modally_strict {
5381          AOT_assume z ([F]z  z [F]z & ψ]z)
5382          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5383          AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5384          AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5385          AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5386          AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5387        }
5388      qed
5389      }
5390    qed
5391  qed
5392
5393  AOT_have ¬𝒜q0
5394    apply (rule "=dfI"(2)[OF q0_def])
5395     apply (fact "log-prop-prop:2")
5396    by (fact AOT)
5397  AOT_hence q0_prop_1: 𝒜¬q0
5398    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5399  {
5400    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
5401    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
5402      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
5403    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
5404      using Aux_C[THEN "→E", OF q0_prop_1].
5405    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
5406      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5407    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) & x([F]x  z [F]z & q0  ¬q0]x) using 2 "&I" by blast
5408    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5409      by (rule "∃I"(1)) "cqt:2[lambda]"
5410  }
5411  moreover {
5412    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
5413    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
5414      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5415    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
5416      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
5417    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5418      by (rule "∃I"(1)) "cqt:2[lambda]"
5419  }
5420  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5421    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5422qed
5423
5424AOT_theorem "oa-contingent:1": O!  A!
5425proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
5426  fix x
5427  AOT_assume 1: O! = A!
5428  AOT_hence x E!x] = A!
5429    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5430  AOT_hence x E!x] = x ¬E!x]
5431    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5432  moreover AOT_have x E!x]x  E!x
5433    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5434  ultimately AOT_have x ¬E!x]x  E!x
5435    using "rule=E" by fast
5436  moreover AOT_have x ¬E!x]x  ¬E!x
5437    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5438  ultimately AOT_have E!x  ¬E!x using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
5439  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)" using "oth-class-taut:3:c" "&I" by blast
5440qed
5441
5442AOT_theorem "oa-contingent:2": O!x  ¬A!x
5443proof -
5444  AOT_have O!x  x E!x]x
5445    apply (rule "≡I"; rule "→I")
5446     apply (rule "=dfE"(2)[OF AOT_ordinary])
5447      apply "cqt:2[lambda]"
5448     apply argo
5449    apply (rule  "=dfI"(2)[OF AOT_ordinary])
5450     apply "cqt:2[lambda]"
5451    by argo
5452  also AOT_have   E!x
5453    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5454  also AOT_have   ¬¬E!x
5455    using "oth-class-taut:3:b".
5456  also AOT_have   ¬x ¬E!x]x
5457    by (rule "beta-C-meta"[THEN "→E", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric]) "cqt:2[lambda]"
5458  also AOT_have   ¬A!x
5459    apply (rule "≡I"; rule "→I")
5460     apply (rule "=dfI"(2)[OF AOT_abstract])
5461      apply "cqt:2[lambda]"
5462     apply argo
5463    apply (rule "=dfE"(2)[OF AOT_abstract])
5464     apply "cqt:2[lambda]"
5465    by argo
5466  finally show ?thesis.
5467qed
5468
5469AOT_theorem "oa-contingent:3": A!x  ¬O!x
5470  by (AOT_subst "«A!x»" "«¬¬A!x»")
5471     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
5472
5473AOT_theorem "oa-contingent:4": Contingent(O!)
5474proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)]; rule "&I")
5475  AOT_have x E!x using "thm-cont-e:3" .
5476  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5477  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5478  AOT_hence x E!x]a
5479    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5480  AOT_hence O!a
5481    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5482  AOT_hence x O!x using "∃I" by blast
5483  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
5484next
5485  AOT_obtain a where A!a
5486    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5487  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
5488  AOT_hence x ¬O!x using "∃I" by fast
5489  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
5490qed
5491
5492AOT_theorem "oa-contingent:5": Contingent(A!)
5493proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)]; rule "&I")
5494  AOT_obtain a where A!a
5495    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5496  AOT_hence x A!x using "∃I" by fast
5497  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
5498next
5499  AOT_have x E!x using "thm-cont-e:3" .
5500  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5501  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5502  AOT_hence x E!x]a
5503    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5504  AOT_hence O!a
5505    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5506  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
5507  AOT_hence x ¬A!x using "∃I" by fast
5508  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
5509qed
5510
5511AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
5512proof -
5513  AOT_have O!x  ¬A!x
5514    using "oa-contingent:2" by blast
5515  also AOT_have   A!-x
5516    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
5517  finally AOT_have 1: O!x  A!-x.
5518
5519  AOT_have A!x  ¬O!x
5520    using "oa-contingent:3" by blast
5521  also AOT_have   O!-x
5522    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
5523  finally AOT_have 2: A!x  O!-x.
5524
5525  AOT_show O!-x  ¬A!-x
5526    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "oa-contingent:3"[of _ x] 2[symmetric]
5527          "≡E"(5) by blast
5528qed
5529
5530AOT_theorem "oa-contingent:6": O!-  A!-
5531proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5532  AOT_assume 1: O!- = A!-
5533  fix x
5534  AOT_have A!-x  O!-x
5535    apply (rule "rule=E"[rotated, OF 1]) by (fact "oth-class-taut:3:a")
5536  AOT_hence A!-x  ¬A!-x
5537    using "oa-contingent:7" "≡E" by fast
5538  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x) using "oth-class-taut:3:c" "&I" by blast
5539qed
5540
5541AOT_theorem "oa-contingent:8": Contingent(O!-)
5542  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1), OF "oa-contingent:4"].
5543
5544AOT_theorem "oa-contingent:9": Contingent(A!-)
5545  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1), OF "oa-contingent:5"].
5546
5547AOT_define WeaklyContingent :: ‹Π  φ› ("WeaklyContingent'(_')")
5548  "df-cont-nec": "WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)"
5549
5550AOT_theorem "cont-nec-fact1:1": WeaklyContingent([F])  WeaklyContingent([F]-)
5551proof -
5552  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
5553    using "df-cont-nec"[THEN "≡Df"] by blast
5554  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
5555    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
5556    using "thm-cont-prop:3".
5557  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
5558  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)]; rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
5559    fix x
5560    AOT_assume 0: x ([F]x  [F]x)
5561    AOT_assume 1: [F]-x
5562    AOT_have ¬[F]x
5563      by (AOT_subst_rev "«[F]-x»" "«¬[F]x»")
5564         (auto simp add: "thm-relation-negation:1" 1)
5565    AOT_hence 2: ¬[F]x
5566      using "KBasic:11"[THEN "≡E"(2)] by blast
5567    AOT_show [F]-x
5568    proof (rule "raa-cor:1")
5569      AOT_assume 3: ¬[F]-x
5570      AOT_have ¬¬[F]x
5571        by (AOT_subst_rev "«[F]-x»" "«¬[F]x»")
5572           (auto simp add: "thm-relation-negation:1" 3)
5573      AOT_hence [F]x
5574        using "conventions:5"[THEN "≡dfI"] by simp
5575      AOT_hence [F]x using 0 "∀E" "→E" by fast
5576      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
5577    qed
5578  next
5579    fix x
5580    AOT_assume 0: x ([F]-x  [F]-x)
5581    AOT_assume 1: [F]x
5582    AOT_have ¬[F]-x
5583      by (AOT_subst "«¬[F]-x»" "«[F]x»")
5584         (auto simp: "thm-relation-negation:2" 1)
5585    AOT_hence 2: ¬[F]-x
5586      using "KBasic:11"[THEN "≡E"(2)] by blast
5587    AOT_show [F]x
5588    proof (rule "raa-cor:1")
5589      AOT_assume 3: ¬[F]x
5590      AOT_have ¬¬[F]-x
5591        by (AOT_subst "«¬[F]-x»" "«[F]x»")
5592           (auto simp add: "thm-relation-negation:2" 3)
5593      AOT_hence [F]-x
5594        using "conventions:5"[THEN "≡dfI"] by simp
5595      AOT_hence [F]-x using 0 "∀E" "→E" by fast
5596      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
5597    qed
5598  qed
5599  also AOT_have   WeaklyContingent([F]-)
5600    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
5601  finally show ?thesis.
5602qed
5603
5604AOT_theorem "cont-nec-fact1:2": (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
5605proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5606  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
5607  AOT_hence WeaklyContingent([F]) using "&E" by blast
5608  moreover AOT_assume F = G
5609  ultimately AOT_have WeaklyContingent([G])
5610    using "rule=E" by blast
5611  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
5612    using 1 "&I" "&E" by blast
5613qed
5614
5615AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
5616proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5617  AOT_show Contingent(O!)
5618    using "oa-contingent:4".
5619next
5620  AOT_show x ([O!]x  [O!]x)
5621    apply (rule GEN; rule "→I")
5622    using "oa-facts:5"[THEN "≡E"(1)] by blast
5623qed
5624
5625
5626AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
5627proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5628  AOT_show Contingent(A!)
5629    using "oa-contingent:5".
5630next
5631  AOT_show x ([A!]x  [A!]x)
5632    apply (rule GEN; rule "→I")
5633    using "oa-facts:6"[THEN "≡E"(1)] by blast
5634qed
5635
5636AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
5637proof (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5638       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
5639  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
5640  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
5641  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
5642  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
5643  moreover AOT_assume x ([E!]x  [E!]x)
5644  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
5645  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
5646  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
5647  moreover AOT_have ¬𝒜E!a using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
5648  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
5649  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5650qed
5651
5652AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
5653  apply (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5654       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
5655  apply (rule "contingent-properties:4"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5656  apply (rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "useful-tautologies:2"[THEN "→E"])
5657  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
5658
5659(* TODO: cleanup *)
5660AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
5661proof -
5662  AOT_have 1: L
5663    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5664  {
5665    fix φ and Π and Π'
5666    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5667    proof (rule "raa-cor:2")
5668      AOT_assume φ{Π'}  φ{Π}
5669      AOT_hence φ{Π'} using that(1) "≡E" by blast
5670      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5671    qed
5672    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5673      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5674  } note 0 = this
5675  show ?thesis
5676    apply(safe intro!: "&I"; rule 0)
5677    using "cqt:2[concrete]"[axiom_inst] apply blast
5678    using "oa-exist:1" apply blast
5679    using "cont-nec-fact2:3" apply fast
5680    apply (rule "useful-tautologies:2"[THEN "→E"])
5681    using "cont-nec-fact2:1" apply fast
5682    using "rel-neg-T:3" apply fast
5683    using "oa-exist:1" apply blast
5684    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5685    apply (rule "useful-tautologies:2"[THEN "→E"])
5686    using "cont-nec-fact2:1" apply blast
5687    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5688    using "oa-exist:1" apply fast
5689    using "cont-nec-fact2:4" apply fast
5690    apply (rule "useful-tautologies:2"[THEN "→E"])
5691    using "cont-nec-fact2:1" apply fast
5692    using "rel-neg-T:3" apply fast
5693    using "oa-exist:1" apply fast
5694    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5695    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5696    apply (rule "useful-tautologies:2"[THEN "→E"])
5697    using "cont-nec-fact2:1" by blast
5698qed
5699
5700(* TODO: cleanup together with above *)
5701AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
5702proof -
5703  AOT_have 1: L
5704    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5705  {
5706    fix φ and Π and Π'
5707    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5708    proof (rule "raa-cor:2")
5709      AOT_assume φ{Π'}  φ{Π}
5710      AOT_hence φ{Π'} using that(1) "≡E" by blast
5711      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5712    qed
5713    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5714      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5715  } note 0 = this
5716  show ?thesis
5717    apply(safe intro!: "&I"; rule 0)
5718    using "cqt:2[concrete]"[axiom_inst] apply blast
5719    using "oa-exist:2" apply blast
5720    using "cont-nec-fact2:3" apply fast
5721    apply (rule "useful-tautologies:2"[THEN "→E"])
5722    using "cont-nec-fact2:2" apply fast
5723    using "rel-neg-T:3" apply fast
5724    using "oa-exist:2" apply blast
5725    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5726    apply (rule "useful-tautologies:2"[THEN "→E"])
5727    using "cont-nec-fact2:2" apply blast
5728    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5729    using "oa-exist:2" apply fast
5730    using "cont-nec-fact2:4" apply fast
5731    apply (rule "useful-tautologies:2"[THEN "→E"])
5732    using "cont-nec-fact2:2" apply fast
5733    using "rel-neg-T:3" apply fast
5734    using "oa-exist:2" apply fast
5735    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5736    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5737    apply (rule "useful-tautologies:2"[THEN "→E"])
5738    using "cont-nec-fact2:2" by blast
5739qed
5740
5741AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
5742  Δp df p  (¬𝒜p & p)
5743
5744AOT_theorem sixteen:
5745 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
5746«F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 & F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 & F1  F14 & F1  F15 & F1  F16 &
5747F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 & F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 & F2  F15 & F2  F16 &
5748F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 & F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
5749F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 & F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
5750F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 & F5  F13 & F5  F14 & F5  F15 & F5  F16 &
5751F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 & F6  F14 & F6  F15 & F6  F16 &
5752F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 & F7  F15 & F7  F16 &
5753F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 & F8  F16 &
5754F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
5755F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
5756F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
5757F12  F13 & F12  F14 & F12  F15 & F12  F16 &
5758F13  F14 & F13  F15 & F13  F16 &
5759F14  F15 & F14  F16 &
5760F15  F16) 
5761proof -
5762
5763  AOT_have Delta_pos: Δφ  φ for φ
5764  proof(rule "→I")
5765    AOT_assume Δφ
5766    AOT_hence φ  (¬𝒜φ & φ)
5767      using "≡dfE"[OF necessary_or_contingently_false] by blast
5768    moreover {
5769      AOT_assume φ
5770      AOT_hence φ
5771        by (metis "B◇" "T◇" "vdash-properties:10")
5772    }
5773    moreover {
5774      AOT_assume ¬𝒜φ & φ
5775      AOT_hence φ
5776        using "&E" by blast
5777    }
5778    ultimately AOT_show φ
5779      by (metis "∨E"(2) "raa-cor:1") 
5780  qed
5781
5782  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5783    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false "raa-cor:3" that(1) that(2) by blast
5784  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5785    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1) that(2) by blast
5786  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
5787    using Delta_pos "modus-tollens:1" that by blast
5788  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
5789    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1) that(2))
5790  AOT_have nec_delta: Δφ if φ for φ
5791    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
5792
5793  AOT_obtain a where a_prop: A!a
5794    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5795  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
5796    using "pos-not-pna:3" using "∃E"[rotated] by blast
5797
5798  AOT_have b_ord: [O!]b
5799  proof(rule "=dfI"(2)[OF AOT_ordinary])
5800    AOT_show x [E!]x] by "cqt:2[lambda]"
5801  next
5802    AOT_show x [E!]x]b
5803    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
5804      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
5805      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
5806    qed
5807  qed
5808
5809  AOT_have nec_not_L_neg: ¬[L-]x for x
5810    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
5811          CBF[THEN "→E"] "∀E" by blast
5812  AOT_have nec_L: [L]x for x
5813    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
5814      CBF[THEN "→E"] "∀E" by blast
5815
5816  AOT_have act_ord_b: 𝒜[O!]b
5817    using b_ord "≡E"(1) "oa-facts:7" by blast
5818  AOT_have delta_ord_b: Δ[O!]b
5819    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false "oa-facts:1" "vdash-properties:10")
5820  AOT_have not_act_ord_a: ¬𝒜[O!]a
5821    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
5822  AOT_have not_delta_ord_a: ¬Δ[O!]a
5823    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "reductio-aa:1" "vdash-properties:10")
5824
5825  AOT_have not_act_abs_b: ¬𝒜[A!]b
5826    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
5827  AOT_have not_delta_abs_b: ¬Δ[A!]b
5828  proof(rule "raa-cor:2")
5829    AOT_assume Δ[A!]b
5830    AOT_hence [A!]b
5831      by (metis Delta_pos "vdash-properties:10")
5832    AOT_thus [A!]b & ¬[A!]b
5833      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2" "oa-facts:4" "vdash-properties:10")
5834  qed
5835  AOT_have act_abs_a: 𝒜[A!]a
5836    using a_prop "≡E"(1) "oa-facts:8" by blast
5837  AOT_have delta_abs_a: Δ[A!]a
5838      by (metis "≡dfI" a_prop "oa-facts:2" "vdash-properties:10" "∨I"(1) necessary_or_contingently_false)
5839
5840  AOT_have not_act_concrete_b: ¬𝒜[E!]b
5841    using b_prop "&E"(2) by blast
5842  AOT_have delta_concrete_b: Δ[E!]b
5843  proof (rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5844    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
5845  next
5846    AOT_show [E!]b using b_prop "&E"(1) by blast
5847  qed
5848  AOT_have not_act_concrete_a: ¬𝒜[E!]a
5849  proof (rule "raa-cor:2")
5850    AOT_assume 𝒜[E!]a
5851    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "vdash-properties:10")
5852    AOT_have [A!]a by (simp add: a_prop)
5853    AOT_hence x ¬[E!]x]a
5854      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5855    AOT_hence ¬[E!]a using "β→C"(1) by blast
5856    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5857  qed
5858  AOT_have not_delta_concrete_a: ¬Δ[E!]a
5859  proof (rule "raa-cor:2")
5860    AOT_assume Δ[E!]a
5861    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
5862    AOT_have [A!]a by (simp add: a_prop)
5863    AOT_hence x ¬[E!]x]a
5864      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5865    AOT_hence ¬[E!]a using "β→C"(1) by blast
5866    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5867  qed
5868
5869  AOT_have not_act_q_zero: ¬𝒜q0
5870    by (meson "log-prop-prop:2" "pos-not-pna:1" q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
5871  AOT_have delta_q_zero: Δq0
5872  proof(rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5873    AOT_show ¬𝒜q0 using not_act_q_zero.
5874    AOT_show q0 by (meson "&E"(1) q0_prop)
5875  qed
5876  AOT_have act_not_q_zero: 𝒜¬q0 using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
5877  AOT_have not_delta_not_q_zero: ¬Δ¬q0
5878      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
5879
5880  AOT_have [L-] by (simp add: "rel-neg-T:3")
5881  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
5882  proof (safe intro!: "&I")
5883    AOT_show ¬𝒜[L-]b by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5884    AOT_show ¬Δ[L-]b by (meson Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg)
5885    AOT_show ¬𝒜[L-]a by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5886    AOT_show ¬Δ[L-]a using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg by blast
5887  qed
5888  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
5889    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5890  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
5891    using "&E" by blast+
5892  note props = this
5893
5894  let  = "«y [A!]y & q0]»"
5895  AOT_modally_strict {
5896    AOT_have [«»] by "cqt:2[lambda]"
5897  } note 1 = this
5898  moreover AOT_have¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
5899  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5900    AOT_show ¬𝒜([A!]b & q0)
5901      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5902  next AOT_show ¬Δ([A!]b & q0)
5903      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b "oa-facts:4" "oa-facts:8" "raa-cor:3" "vdash-properties:10")
5904  next AOT_show ¬𝒜([A!]a & q0)
5905      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero "raa-cor:3" by blast
5906  next AOT_show Δ([A!]a & q0)
5907    proof (rule not_act_and_pos_delta)
5908      AOT_show ¬𝒜([A!]a & q0)
5909        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero "raa-cor:3" by blast
5910    next AOT_show ([A!]a & q0)
5911        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a "≡E"(1) "oa-facts:6" q0_prop)
5912    qed
5913  qed
5914  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
5915    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5916  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
5917    using "&E" by blast+
5918  note props = props this
5919
5920  let  = "«y [A!]y & ¬q0]»"
5921  AOT_modally_strict {
5922    AOT_have [«»] by "cqt:2[lambda]"
5923  } note 1 = this
5924  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
5925  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5926    AOT_show ¬𝒜([A!]b & ¬q0)
5927      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5928  next AOT_show ¬Δ([A!]b & ¬q0)
5929      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
5930  next AOT_show 𝒜([A!]a & ¬q0)
5931      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
5932  next AOT_show ¬Δ([A!]a & ¬q0)
5933    proof (rule act_and_not_nec_not_delta)
5934      AOT_show 𝒜([A!]a & ¬q0)
5935        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
5936    next
5937      AOT_show ¬([A!]a & ¬q0)
5938        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4) q0_prop "raa-cor:3")
5939    qed
5940  qed
5941  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
5942    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5943  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
5944    using "&E" by blast+
5945  note props = props this
5946
5947  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
5948    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b by presburger
5949  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
5950    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
5951  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
5952    using "&E" by blast+
5953  note props = props this
5954
5955  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
5956    by (meson "&I" delta_concrete_b not_act_concrete_a not_act_concrete_b not_delta_concrete_a)
5957  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
5958    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5959  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
5960    using "&E" by blast+
5961  note props = props this
5962
5963  AOT_modally_strict {
5964    AOT_have y q0] by "cqt:2[lambda]"
5965  } note 1 = this
5966  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
5967    by (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5968       (auto simp: not_act_q_zero delta_q_zero)
5969  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
5970    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5971  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
5972    using "&E" by blast+
5973  note props = props this
5974
5975  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
5976  AOT_modally_strict {
5977    AOT_have [«»] by "cqt:2[lambda]"
5978  } note 1 = this
5979  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
5980  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5981    AOT_have 𝒜¬([A!]b & ¬q0)
5982      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
5983                "≡E"(1) "raa-cor:3")
5984    moreover AOT_have ¬𝒜[E!]b
5985      using b_prop "&E"(2) by blast
5986    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
5987      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
5988    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
5989      by (AOT_subst «¬([E!]b  ([A!]b & ¬q0))» «¬[E!]b & ¬([A!]b & ¬q0)»)
5990         (auto simp: "oth-class-taut:5:d" 2)
5991    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
5992      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
5993  next
5994    AOT_show Δ([E!]b  ([A!]b & ¬q0))
5995    proof (rule not_act_and_pos_delta)
5996      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
5997        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b not_act_concrete_b "raa-cor:3")
5998    next
5999      AOT_show ([E!]b  ([A!]b & ¬q0))
6000        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6001    qed
6002  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6003      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6004  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
6005    proof (rule act_and_not_nec_not_delta)
6006      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6007        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6008    next
6009      AOT_have ¬[E!]a
6010        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2) necessary_or_contingently_false not_act_concrete_a not_delta_concrete_a "raa-cor:3")
6011      moreover AOT_have ¬([A!]a & ¬q0)
6012        by (metis "KBasic2:1" "KBasic:11" "KBasic:3" "&E"(1) "&E"(2) "≡E"(1) q0_prop "raa-cor:3")
6013      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0)) by (metis "KBasic:16" "&I" "vdash-properties:10")
6014      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
6015        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
6016      AOT_thus ¬([E!]a  ([A!]a & ¬q0)) by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
6017    qed
6018  qed
6019  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
6020    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6021  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
6022    using "&E" by blast+
6023  note props = props this
6024
6025  let  = "«y [A!]y  [E!]y]»"
6026  AOT_modally_strict {
6027    AOT_have [«»] by "cqt:2[lambda]"
6028  } note 1 = this
6029  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
6030  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6031    AOT_show ¬𝒜([A!]b  [E!]b)
6032      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6033  next AOT_show Δ([A!]b  [E!]b)
6034    proof (rule not_act_and_pos_delta)
6035      AOT_show ¬𝒜([A!]b  [E!]b)
6036        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6037    next AOT_show ([A!]b  [E!]b)
6038        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
6039    qed
6040  next AOT_show 𝒜([A!]a  [E!]a)
6041      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
6042  next AOT_show Δ([A!]a  [E!]a)
6043    proof (rule nec_delta)
6044      AOT_show ([A!]a  [E!]a)
6045        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "vdash-properties:10")
6046    qed
6047  qed
6048  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
6049    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6050  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
6051    using "&E" by blast+
6052  note props = props this
6053
6054  let  = "«y [O!]y & ¬[E!]y]»"
6055  AOT_modally_strict {
6056    AOT_have [«»] by "cqt:2[lambda]"
6057  } note 1 = this
6058  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
6059  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6060    AOT_show 𝒜([O!]b & ¬[E!]b)
6061      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:3")
6062  next AOT_show ¬Δ([O!]b & ¬[E!]b)
6063      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1" act_and_not_nec_not_delta "act-conj-act:3"
6064                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2) "df-rules-formulas[3]"
6065                "≡E"(3) "raa-cor:1" "→E")
6066  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
6067      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
6068  next AOT_have ¬([O!]a & ¬[E!]a)
6069      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "raa-cor:3" "vdash-properties:10")
6070    AOT_thus ¬Δ([O!]a & ¬[E!]a)
6071      by (rule impossible_delta)
6072  qed      
6073  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
6074    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6075  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
6076    using "&E" by blast+
6077  note props = props this
6078
6079  (* TODO_PLM: binary property 9 wrong in PLM *)
6080  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
6081  AOT_modally_strict {
6082    AOT_have [«»] by "cqt:2[lambda]"
6083  } note 1 = this
6084  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6085  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6086    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6087      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6088                "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6089  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
6090    proof (rule act_and_pos_not_not_delta)
6091      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6092        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6093                  "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6094    next
6095      AOT_show ¬(¬[E!]b & ([O!]b  q0))
6096      proof (AOT_subst «¬(¬[E!]b & ([O!]b  q0))» «[E!]b  ¬([O!]b  q0)»)
6097        AOT_modally_strict {
6098          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
6099            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2) "∨E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
6100        }
6101      next
6102        AOT_show ([E!]b  ¬([O!]b  q0))
6103          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6104       qed
6105     qed
6106   next
6107     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6108       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
6109   next
6110     AOT_show Δ(¬[E!]a & ([O!]a  q0))
6111     proof (rule not_act_and_pos_delta)
6112       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6113         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2")
6114     next
6115       AOT_have ¬[E!]a
6116         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "raa-cor:5" by blast
6117       moreover AOT_have ([O!]a  q0)
6118         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
6119       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
6120         by (metis "KBasic:16" "&I" "vdash-properties:10")
6121     qed
6122   qed
6123  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
6124    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6125  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
6126    using "&E" by blast+
6127  note props = props this
6128
6129  AOT_modally_strict {
6130    AOT_have y ¬q0] by "cqt:2[lambda]"
6131  } note 1 = this
6132  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
6133    by (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1]; auto simp: act_not_q_zero not_delta_not_q_zero)
6134  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
6135    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6136  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
6137    using "&E" by blast+
6138  note props = props this
6139
6140  AOT_modally_strict {
6141    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
6142  } note 1 = this
6143  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b & 𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
6144  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6145    AOT_show 𝒜¬[E!]b
6146      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
6147  next AOT_show ¬Δ¬[E!]b
6148      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
6149  next AOT_show 𝒜¬[E!]a
6150      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
6151  next AOT_show Δ¬[E!]a
6152      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "reductio-aa:1" by blast
6153  qed
6154  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
6155    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6156  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
6157    using "&E" by blast+
6158  note props = props this
6159
6160  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
6161    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
6162  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
6163    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6164  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
6165    using "&E" by blast+
6166  note props = props this
6167
6168  let  = "«y [O!]y  q0]»"
6169  AOT_modally_strict {
6170    AOT_have [«»] by "cqt:2[lambda]"
6171  } note 1 = this
6172  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6173  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6174    AOT_show 𝒜([O!]b  q0)
6175      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
6176  next AOT_show Δ([O!]b  q0)
6177      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6178  next AOT_show ¬𝒜([O!]a  q0)
6179      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6180  next AOT_show Δ([O!]a  q0)
6181    proof (rule not_act_and_pos_delta)
6182      AOT_show ¬𝒜([O!]a  q0)
6183        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6184    next AOT_show ([O!]a  q0)
6185        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
6186    qed
6187  qed
6188  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
6189    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6190  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
6191    using "&E" by blast+
6192  note props = props this
6193
6194  let  = "«y [O!]y  ¬q0]»"
6195  AOT_modally_strict {
6196     AOT_have [«»] by "cqt:2[lambda]"
6197  } note 1 = this
6198  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6199  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6200    AOT_show 𝒜([O!]b  ¬q0)
6201      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6202  next AOT_show Δ([O!]b  ¬q0)
6203      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6204  next AOT_show 𝒜([O!]a  ¬q0)
6205      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6206  next AOT_show ¬Δ([O!]a  ¬q0)
6207    proof(rule act_and_pos_not_not_delta)
6208      AOT_show 𝒜([O!]a  ¬q0)
6209        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6210    next
6211      AOT_have ¬[O!]a
6212        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
6213      moreover AOT_have q0
6214        by (meson "&E"(1) q0_prop)
6215      ultimately AOT_have 2: (¬[O!]a & q0)
6216         by (metis "KBasic:16" "&I" "vdash-properties:10")
6217      AOT_show ¬([O!]a  ¬q0)
6218      proof (AOT_subst_rev «¬[O!]a & q0» «¬([O!]a  ¬q0)»)
6219        AOT_modally_strict {
6220          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
6221            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
6222                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
6223        }
6224      next
6225        AOT_show (¬[O!]a & q0)
6226          using "2" by blast
6227      qed
6228    qed
6229  qed
6230  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
6231    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6232  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
6233    using "&E" by blast+
6234  note props = props this
6235
6236  AOT_have [L]
6237    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6238  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
6239  proof (safe intro!: "&I")
6240    AOT_show 𝒜[L]b
6241      by (meson nec_L "nec-imp-act" "vdash-properties:10")
6242    next AOT_show Δ[L]b using nec_L nec_delta by blast
6243    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "vdash-properties:10")
6244    next AOT_show Δ[L]a using nec_L nec_delta by blast
6245  qed
6246  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
6247    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6248  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
6249    using "&E" by blast+
6250  note props = props this
6251
6252  show ?thesis
6253    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1]; rule "∃I"(2)[where β=F2];
6254           rule "∃I"(2)[where β=F3]; rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
6255           rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7]; rule "∃I"(2)[where β=F8];
6256           rule "∃I"(2)[where β=F9]; rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
6257           rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13]; rule "∃I"(2)[where β=F14];
6258           rule "∃I"(2)[where β=F15]; safe intro!: "&I")
6259       (match conclusion in "[?v  [F]  [G]]" for F G  6260        match props in A: "[?v  ¬φ{F}]" for φ 6261        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 6262        match props in B: "[?v  φ{G}]" 6263        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
6264                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
6265                                OF "Disjunction Addition"(2)[THEN "→E"],
6266                                OF "&I", OF A, OF B]››››)+
6267qed
6268
6269AOT_theorem "o-objects-exist:1": x O!x
6270proof(rule RN)
6271  AOT_modally_strict {
6272    AOT_obtain a where (E!a & ¬𝒜[E!]a)
6273      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]] by blast
6274    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
6275    AOT_have x [E!]x]a
6276    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6277      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
6278    next
6279      AOT_show E!a by (fact 1)
6280    qed
6281    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6282    AOT_thus x [O!]x by (rule "∃I")
6283  }
6284qed
6285
6286AOT_theorem "o-objects-exist:2": x A!x
6287proof (rule RN)
6288  AOT_modally_strict {
6289    AOT_obtain a where [A!]a
6290      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6291    AOT_thus x A!x using "∃I" by blast
6292  }
6293qed
6294
6295AOT_theorem "o-objects-exist:3": ¬x O!x
6296  by (rule RN) (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2" "qml:2"[axiom_inst] "reductio-aa:2")
6297
6298AOT_theorem "o-objects-exist:4": ¬x A!x
6299  by (rule RN) (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2" "qml:2"[axiom_inst] "→E")
6300
6301AOT_theorem "o-objects-exist:5": ¬x E!x
6302proof (rule RN; rule "raa-cor:2")
6303  AOT_modally_strict {
6304    AOT_assume x E!x
6305    moreover AOT_obtain a where abs: A!a
6306      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]] "∃E"[rotated] by blast
6307    ultimately AOT_have E!a using "∀E" by blast
6308    AOT_hence 1: E!a by (metis "T◇" "→E")
6309    AOT_have y E!y]a
6310    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6311      AOT_show a using "cqt:2[const_var]"[axiom_inst].
6312    next
6313      AOT_show E!a by (fact 1)
6314    qed
6315    AOT_hence O!a
6316      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6317    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
6318    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
6319  }
6320qed
6321
6322AOT_theorem partition: ¬x (O!x & A!x)
6323proof(rule "raa-cor:2")
6324  AOT_assume x (O!x & A!x)
6325  then AOT_obtain a where O!a & A!a using "∃E"[rotated] by blast
6326  AOT_thus p & ¬p for p by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1) "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
6327qed
6328
6329AOT_define eq_E :: ‹Π› ("'(=E')") "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
6330
6331syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
6332translations
6333  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
6334(* TODO: try to replace by a simple translations pattern *)
6335print_translation6336AOT_syntax_print_translations
6337[(const_syntax‹AOT_exe›, fn ctxt => fn [
6338  Const ("constAOT_PLM.eq_E", _),
6339  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6340] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
6341
6342text‹Note: Not explicitly mentioned as theorem in PLM.›
6343AOT_theorem "=E[denotes]": [(=E)]
6344  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
6345
6346AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
6347proof -
6348  (* TODO: rethink the product hacks *)
6349  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6350    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6351  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2[lambda]"
6352  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
6353    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(AOT_term_of_var x,AOT_term_of_var y)", OF 0]
6354    by fast
6355qed
6356
6357AOT_theorem "=E-simple:2": x =E y  x = y
6358proof (rule "→I")
6359  AOT_assume x =E y
6360  AOT_hence O!x & O!y & F ([F]x  [F]y) using "=E-simple:1"[THEN "≡E"(1)] by blast
6361  AOT_thus x = y
6362    using "≡dfI"[OF "identity:1"] "∨I" by blast
6363qed
6364
6365AOT_theorem "id-nec3:1": x =E y  (x =E y)
6366proof (rule "≡I"; rule "→I")
6367  AOT_assume x =E y
6368  AOT_hence O!x & O!y & F ([F]x  [F]y)
6369    using "=E-simple:1" "≡E" by blast
6370  AOT_hence O!x & O!y & F ([F]x  [F]y)
6371    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4) "oa-facts:1" "raa-cor:3" "vdash-properties:10")
6372  AOT_hence 1: (O!x & O!y & F ([F]x  [F]y))
6373    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
6374  AOT_show (x =E y)
6375    apply (AOT_subst «x =E y» «O!x & O!y & F ([F]x  [F]y)»)
6376     using "=E-simple:1" apply presburger
6377    by (simp add: "1")
6378next
6379  AOT_assume (x =E y)
6380  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
6381qed
6382
6383AOT_theorem "id-nec3:2": (x =E y)  x =E y
6384  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1) "≡E"(5) "Commutativity of ≡")
6385
6386AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
6387  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
6388
6389syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
6390translations
6391  (Π) "(≠E)" == (Π) "(=E)-"
6392syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
6393translations
6394 "_AOT_non_eq_E_infix κ κ'" == "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
6395(* TODO: try replacing be a simple translations pattern *)
6396print_translation6397AOT_syntax_print_translations
6398[(const_syntax‹AOT_exe›, fn ctxt => fn [
6399  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
6400  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6401] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
6402AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
6403proof -
6404  (* TODO: rethink the product hacks *)
6405  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6406    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6407  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2[lambda]" (* TODO_PLM: convoluted proof in PLM; TODO: product hack *)
6408  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
6409    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
6410       (meson "oth-class-taut:3:a")
6411  also AOT_have   ¬(=E)xy
6412    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
6413     apply "cqt:2[lambda]"
6414    by (fact 0)
6415  finally show ?thesis.
6416qed
6417
6418AOT_theorem "id-nec4:1": x E y  (x E y)
6419proof -
6420  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
6421  also AOT_have   ¬(x =E y)
6422    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
6423  also AOT_have   ¬(x =E y)
6424    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
6425  also AOT_have   (x E y)
6426    by (AOT_subst_rev "«x E y»" "«¬(x =E y)»")
6427       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
6428  finally show ?thesis.
6429qed
6430
6431AOT_theorem "id-nec4:2": (x E y)  (x E y)
6432  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2) "≡E"(5) "Commutativity of ≡")
6433
6434AOT_theorem "id-nec4:3": (x E y)  (x E y)
6435  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
6436
6437AOT_theorem "id-act2:1": x =E y  𝒜x =E y
6438  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1) "≡E"(6))
6439AOT_theorem "id-act2:2": x E y  𝒜x E y
6440  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1) "≡E"(6))
6441
6442AOT_theorem "ord=Eequiv:1": O!x  x =E x
6443proof (rule "→I")
6444  AOT_assume 1: O!x
6445  AOT_show x =E x
6446    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
6447    apply (rule "β←C"(1))
6448      apply "cqt:2[lambda]"
6449     apply (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6450    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
6451qed
6452
6453AOT_theorem "ord=Eequiv:2": x =E y  y =E x
6454proof(rule CP)
6455  AOT_assume 1: x =E y
6456  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
6457  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
6458  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
6459  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
6460qed
6461
6462AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
6463proof (rule CP)
6464  AOT_assume 1: x =E y & y =E z
6465  AOT_hence x = y & y = z
6466    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
6467  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
6468  moreover AOT_have x =E x
6469    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1) "ord=Eequiv:1" "→E" by blast
6470  ultimately AOT_show x =E z
6471    using "rule=E" by fast
6472qed
6473
6474AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
6475proof(rule CP)
6476  AOT_assume O!x  O!y
6477  moreover {
6478    AOT_assume O!x
6479    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
6480    moreover {
6481      AOT_modally_strict {
6482        AOT_have O!x  (x = y  x =E y)
6483        proof (rule "→I"; rule "≡I"; rule "→I")
6484          AOT_assume O!x
6485          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
6486          moreover AOT_assume x = y
6487          ultimately AOT_show x =E y using "rule=E" by fast
6488        next
6489          AOT_assume x =E y
6490          AOT_thus x = y by (metis "=E-simple:2" "→E")
6491        qed
6492      }
6493      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
6494    }
6495    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6496  }
6497  moreover {
6498    AOT_assume O!y
6499    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
6500    moreover {
6501      AOT_modally_strict {
6502        AOT_have O!y  (x = y  x =E y)
6503        proof (rule "→I"; rule "≡I"; rule "→I")
6504          AOT_assume O!y
6505          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
6506          moreover AOT_assume x = y
6507          ultimately AOT_show x =E y using "rule=E" id_sym by fast
6508        next
6509          AOT_assume x =E y
6510          AOT_thus x = y by (metis "=E-simple:2" "→E")
6511        qed
6512      }
6513      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
6514    }
6515    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6516  }
6517  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
6518qed
6519
6520AOT_theorem "ord-=E=:2": O!y  x x = y]
6521proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
6522  AOT_show x x =E y] by "cqt:2[lambda]"
6523next
6524  AOT_assume O!y
6525  AOT_hence 1: (x = y  x =E y) for x using "ord-=E=:1" "→E" "∨I" by blast
6526  AOT_have (x =E y  x = y) for x
6527    by (AOT_subst «x =E y  x = y» «x = y  x =E y»)
6528       (auto simp add: "Commutativity of ≡" 1)
6529  AOT_hence x (x =E y  x = y) by (rule GEN)
6530  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
6531qed
6532
6533
6534AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
6535proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
6536  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
6537next
6538  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
6539  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
6540    AOT_modally_strict {
6541      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
6542        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
6543                  "modus-tollens:1" "raa-cor:1" that)
6544    }
6545  next
6546    AOT_modally_strict {
6547      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
6548        apply(safe intro!: "&I")
6549          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
6550         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
6551        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
6552              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]] by fast
6553    }
6554  qed
6555qed
6556
6557AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
6558proof(rule "→I")
6559  AOT_assume F ([F]x  [F]y)
6560  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
6561  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
6562    using "∀E" by blast
6563  moreover AOT_have x F ([F]x  [F]y)]y
6564    apply (rule "β←C"(1))
6565      apply "cqt:2[lambda]"
6566     apply (fact "cqt:2[const_var]"[axiom_inst])
6567    by (simp add: RN GEN "oth-class-taut:3:a")
6568  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
6569  AOT_thus F ([F]x  [F]y)
6570    using "β→C"(1) by blast
6571qed
6572
6573AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
6574proof (rule "→I"; rule "→I")
6575  AOT_assume F ([F]x  [F]y)
6576  AOT_hence F ([F]x  [F]y)
6577    using "ind-nec"[THEN "→E"] by blast
6578  moreover AOT_assume O!x & O!y
6579  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
6580    using "&I" by blast
6581  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
6582qed
6583
6584AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
6585proof (rule "→I"; rule "→I")
6586  AOT_assume O!x & O!y
6587  moreover AOT_assume F ([F]x  [F]y)
6588  ultimately AOT_have x =E y
6589    using "ord=E:1" "→E" by blast
6590  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
6591qed
6592
6593AOT_theorem "ord=E2:1": (O!x & O!y)  (x  y  z z =E x]  z z =E y])
6594proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6595  AOT_assume 0: O!x & O!y
6596  AOT_assume x  y
6597  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6598  AOT_assume z z =E x] = z z =E y]
6599  moreover AOT_have z z =E x]x
6600    apply (rule "β←C"(1))
6601      apply "cqt:2[lambda]"
6602     apply (fact "cqt:2[const_var]"[axiom_inst])
6603    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
6604  ultimately AOT_have z z =E y]x using "rule=E" by fast
6605  AOT_hence x =E y using "β→C"(1) by blast
6606  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
6607  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6608next
6609  AOT_assume z z =E x]  z z =E y]
6610  AOT_hence 0: ¬(z z =E x] = z z =E y]) using "≡dfE"[OF "=-infix"] by blast
6611  AOT_have z z =E x] by "cqt:2[lambda]"
6612  AOT_hence z z =E x] = z z =E x]
6613    by (metis "rule=I:1")
6614  moreover AOT_assume x = y
6615  ultimately AOT_have z z =E x] = z z =E y]
6616    using "rule=E" by fast
6617  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
6618    using 0 "&I" by blast
6619qed
6620
6621AOT_theorem "ord=E2:2": (O!x & O!y)  (x  y  z z = x]  z z = y])
6622proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6623  AOT_assume 0: O!x & O!y
6624  AOT_assume x  y
6625  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6626  AOT_assume z z = x] = z z = y]
6627  moreover AOT_have z z = x]x
6628    apply (rule "β←C"(1))
6629    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6630     apply (fact "cqt:2[const_var]"[axiom_inst])
6631    by (simp add: "id-eq:1")
6632  ultimately AOT_have z z = y]x using "rule=E" by fast
6633  AOT_hence x = y using "β→C"(1) by blast
6634  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6635next
6636  AOT_assume 0: O!x & O!y
6637  AOT_assume z z = x]  z z = y]
6638  AOT_hence 1: ¬(z z = x] = z z = y]) using "≡dfE"[OF "=-infix"] by blast
6639  AOT_have z z = x] by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6640  AOT_hence z z = x] = z z = x]
6641    by (metis "rule=I:1")
6642  moreover AOT_assume x = y
6643  ultimately AOT_have z z = x] = z z = y]
6644    using "rule=E" by fast
6645  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
6646    using 1 "&I" by blast
6647qed
6648
6649AOT_theorem ordnecfail: O!x  ¬F x[F]
6650  by (meson "RM:1" "deduction-theorem" nocoder "oa-facts:1" "vdash-properties:10" "vdash-properties:1[2]")
6651
6652AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
6653proof (rule "→I"; rule "→I")
6654  AOT_assume 1: A!x & A!y
6655  AOT_assume F (x[F]  y[F])
6656  AOT_hence x[F]  y[F] for F using "∀E" by blast
6657  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
6658  AOT_hence F (x[F]  y[F]) by (rule GEN)
6659  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
6660  AOT_thus x = y
6661    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
6662qed
6663
6664AOT_theorem "ab-obey:2": (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
6665proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6666  AOT_assume 1: x = y
6667  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
6668  moreover {
6669    AOT_assume F (x[F] & ¬y[F])
6670    then AOT_obtain F where x[F] & ¬y[F] using "∃E"[rotated] by blast
6671    moreover AOT_have y[F] using calculation[THEN "&E"(1)] 1 "rule=E" by fast
6672    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
6673  }
6674  moreover {
6675    AOT_assume F (y[F] & ¬x[F])
6676    then AOT_obtain F where y[F] & ¬x[F] using "∃E"[rotated] by blast
6677    moreover AOT_have ¬y[F] using calculation[THEN "&E"(2)] 1 "rule=E" by fast
6678    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
6679  }
6680  ultimately AOT_show p & ¬p for p by (metis "∨E"(3) "raa-cor:1")
6681qed
6682
6683AOT_theorem "encoders-are-abstract": F x[F]  A!x
6684  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
6685            "oa-contingent:3" "vdash-properties:1[2]")
6686
6687AOT_theorem "denote=:1": Hx x[H]
6688  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6689
6690AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
6691  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6692
6693AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
6694  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6695
6696AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
6697  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6698
6699AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
6700  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6701
6702AOT_theorem "denote=:3": x x[Π]  H (H = Π)
6703  using "existence:2[1]" "free-thms:1" "≡E"(2) "≡E"(5) "Commutativity of ≡" "≡Df" by blast
6704
6705AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
6706  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
6707
6708AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
6709  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
6710
6711AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
6712  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
6713
6714AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
6715  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
6716
6717AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
6718proof (rule "uniqueness:1"[THEN "≡dfI"])
6719  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
6720    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
6721  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
6722  proof (rule "→I")
6723    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
6724    AOT_hence β[F]  φ{F} for F using "∀E" "&E" by blast
6725    AOT_hence β[F]  a[F] for F
6726      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2) "≡E"(5) "Commutativity of ≡" by fast
6727    AOT_hence F (β[F]  a[F]) by (rule GEN)
6728    AOT_thus β = a
6729      using "ab-obey:1"[THEN "→E", OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]], THEN "→E"] by blast
6730  qed
6731  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
6732  AOT_thus α ([A!]α & F (α[F]  φ{F}) & β ([A!]β & F (β[F]  φ{F})  β = α))
6733    using "∃I" using a_prop "&I" by fast
6734qed
6735
6736AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
6737  using "A-objects!" by fast
6738
6739AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
6740  using "A-objects!" by fast
6741
6742AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
6743  using "A-objects!" by fast
6744
6745AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
6746  using "A-objects!" by fast
6747
6748AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
6749  using "A-objects!" by fast
6750
6751AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
6752  using "A-objects!" by fast
6753
6754AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
6755  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
6756
6757AOT_act_theorem "thm-can-terms2": y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6758  using "y-in:2" by blast
6759
6760AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
6761proof(rule "→I")
6762  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6763  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
6764    using "actual-desc:2"[THEN "→E"] by blast
6765  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
6766  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
6767qed
6768
6769AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6770proof -
6771  AOT_have ιx(A!x & F (x[F]  φ{F}))
6772    by (simp add: "A-descriptions")
6773  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6774    using "y-in:3"[THEN "→E"] by blast
6775  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6776    using "&E" "∀E" by blast
6777qed
6778
6779AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6780  using "desc-encode:1".
6781
6782AOT_theorem "desc-nec-encode:1": ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6783proof -
6784  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
6785    by (simp add: "A-descriptions")
6786  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
6787    using "actual-desc:4"[THEN "→E"] by blast
6788  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6789    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
6790  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6791    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
6792  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6793    using "∀E" by blast
6794  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6795    using "Act-Basic:5" "≡E"(1) by blast
6796  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6797    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
6798qed
6799
6800AOT_theorem "desc-nec-encode:2": ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6801  using "desc-nec-encode:1".
6802
6803AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
6804  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
6805     (meson "nec-imp-act" "vdash-properties:10")
6806
6807AOT_theorem "Box-desc-encode:2": φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6808proof(rule CP)
6809  AOT_assume φ{G}
6810  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
6811  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6812  proof (rule RM; rule "→I")
6813    AOT_modally_strict {
6814      AOT_assume 1: φ{G}
6815      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G] using "Box-desc-encode:1" "→E" by blast
6816      moreover AOT_have φ{G} using 1 by (meson "qml:2" "vdash-properties:10" "vdash-properties:1[2]")
6817      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
6818        using "deduction-theorem" "≡I" by simp
6819    }
6820  qed
6821  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}) using "→E" by blast
6822qed
6823
6824definition rigid_condition where rigid_condition φ  v . [v  α (φ{α}  φ{α})]
6825syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
6826
6827AOT_theorem "strict-can:1[E]": assumes RIGID_CONDITION(φ)
6828  shows α (φ{α}  φ{α})
6829  using assms[unfolded rigid_condition_def] by auto
6830
6831AOT_theorem "strict-can:1[I]":
6832  assumes  α (φ{α}  φ{α})
6833  shows RIGID_CONDITION(φ)
6834  using assms rigid_condition_def by auto
6835
6836AOT_theorem "box-phi-a:1": assumes RIGID_CONDITION(φ)
6837  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
6838proof (rule "→I")
6839  AOT_assume a: A!x & F (x[F]  φ{F})
6840  AOT_hence b: A!x by (metis "Conjunction Simplification"(1) "oa-facts:2" "vdash-properties:10")
6841  AOT_have x[F]  φ{F} for F using a[THEN "&E"(2)] "∀E" by blast
6842  moreover AOT_have (x[F]  x[F]) for F by (meson "pre-en-eq:1[1]" RN)
6843  moreover AOT_have (φ{F}  φ{F}) for F using RN "strict-can:1[E]"[OF assms] "∀E" by blast
6844  ultimately AOT_have (x[F]  φ{F}) for F
6845    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
6846  AOT_hence F (x[F]  φ{F}) by (rule GEN)
6847  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
6848  AOT_thus ([A!]x & F (x[F]  φ{F}))
6849    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
6850qed
6851
6852AOT_theorem "box-phi-a:2": assumes RIGID_CONDITION(φ)
6853  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6854proof(rule "→I")
6855  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6856  AOT_hence 𝒜(A!y & F (y[F]  φ{F})) using "actual-desc:2"[THEN "→E"] by fast
6857  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
6858    using "Act-Basic:2" "&E" "≡E"(1) by blast+
6859  AOT_hence F 𝒜(y[F]  φ{F}) by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
6860  AOT_hence 𝒜(y[F]  φ{F}) for F using "∀E" by blast
6861  AOT_hence 𝒜y[F]  𝒜φ{F} for F by (metis "Act-Basic:5" "≡E"(1)) 
6862  AOT_hence y[F]  φ{F} for F
6863    using "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6864    by (metis "en-eq:10[1]" "≡E"(6))
6865  AOT_hence F (y[F]  φ{F}) by (rule GEN)
6866  AOT_thus [A!]y & F (y[F]  φ{F}) using abs "&I" "≡E"(2) "oa-facts:8" by blast
6867qed
6868
6869AOT_theorem "box-phi-a:3": assumes RIGID_CONDITION(φ)
6870  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6871  using "desc-nec-encode:2"
6872    "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6873    "≡E"(5) by blast
6874
6875AOT_define Null :: ‹τ  φ› ("Null'(_')") 
6876  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
6877
6878AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
6879  "df-null-uni:2": Universal(x) df A!x & F x[F]
6880
6881AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
6882proof (rule "uniqueness:1"[THEN "≡dfI"])
6883  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
6884    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6885  AOT_have a_null: ¬a[F] for F
6886  proof (rule "raa-cor:2")
6887    AOT_assume a[F]
6888    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
6889    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
6890    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
6891  qed
6892  AOT_have Null(a) & β (Null(β)  β = a)
6893  proof (rule "&I")
6894    AOT_have ¬F a[F] using a_null by (metis "instantiation" "reductio-aa:1")
6895    AOT_thus Null(a)
6896      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
6897  next
6898    AOT_show β (Null(β)  β = a)
6899    proof (rule GEN; rule "→I")
6900      fix β
6901      AOT_assume a: Null(β)
6902      AOT_hence ¬F β[F]
6903        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6904      AOT_hence β_null: ¬β[F] for F by (metis "existential:2[const_var]" "reductio-aa:1")
6905      AOT_have F (β[F]  a[F])
6906        apply (rule GEN; rule "≡I"; rule CP)
6907        using "raa-cor:3" β_null a_null by blast+
6908      moreover AOT_have A!β using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6909      ultimately AOT_show β = a
6910        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" by blast
6911    qed
6912  qed
6913  AOT_thus α (Null(α) & β (Null(β)  β = α)) using "∃I"(2) by fast
6914qed
6915
6916AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
6917proof (rule "uniqueness:1"[THEN "≡dfI"])
6918  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
6919    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6920  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
6921  AOT_hence Universal(a)
6922    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
6923  moreover AOT_have β (Universal(β)  β = a)
6924  proof (rule GEN; rule "→I")
6925    fix β
6926    AOT_assume Universal(β)
6927    AOT_hence abs_β: A!β and β[F] for F using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
6928    AOT_hence β[F]  a[F] for F using aF by (metis "deduction-theorem" "≡I")
6929    AOT_hence F (β[F]  a[F]) by (rule GEN)
6930    AOT_thus β = a
6931      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" abs_β by blast
6932  qed
6933  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
6934    using "&I" "∃I" by fast
6935qed
6936
6937AOT_theorem "null-uni-uniq:3": ιx Null(x)
6938  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
6939
6940AOT_theorem "null-uni-uniq:4": ιx Universal(x)
6941  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
6942
6943AOT_define Null_object :: ‹κs (a)
6944  "df-null-uni-terms:1": a =df ιx Null(x)
6945
6946AOT_define Universal_object :: ‹κs (aV)
6947  "df-null-uni-terms:2": aV =df ιx Universal(x)
6948
6949AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
6950proof (rule "→I")
6951  AOT_assume Null(x)
6952  AOT_hence x_abs: A!x and x_null: ¬F x[F]
6953    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
6954  AOT_have ¬x[F] for F using x_null
6955    using "existential:2[const_var]" "reductio-aa:1"
6956    by metis
6957  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
6958  AOT_hence F ¬x[F] by (rule GEN)
6959  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
6960  moreover AOT_have F ¬x[F]  ¬F x[F]
6961    apply (rule RM)
6962    by (metis (full_types) "instantiation" "cqt:2[const_var]" "deduction-theorem"
6963                           "reductio-aa:1" "rule-ui:1" "vdash-properties:1[2]")
6964  ultimately AOT_have ¬F x[F]
6965    by (metis "→E")
6966  moreover AOT_have A!x using x_abs
6967    using "oa-facts:2" "vdash-properties:10" by blast
6968  ultimately AOT_have r: (A!x & ¬F x[F])
6969    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
6970  AOT_show Null(x)
6971    by (AOT_subst "«Null(x)»" "«A!x & ¬F x[F]»")
6972       (auto simp: "df-null-uni:1" "≡Df" r)
6973qed  
6974
6975AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
6976proof (rule "→I")
6977  AOT_assume Universal(x)
6978  AOT_hence x_abs: A!x and x_univ: F x[F]
6979    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
6980  AOT_have x[F] for F using x_univ "∀E" by blast
6981  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
6982  AOT_hence F x[F] by (rule GEN)
6983  AOT_hence F x[F] by (rule BF[THEN "→E"])
6984  moreover AOT_have A!x using x_abs
6985    using "oa-facts:2" "vdash-properties:10" by blast
6986  ultimately AOT_have r: (A!x & F x[F])
6987    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
6988  AOT_show Universal(x)
6989    by (AOT_subst "«Universal(x)»" "«A!x & F x[F]»")
6990       (auto simp add: "df-null-uni:2" "≡Df" r)
6991qed
6992
6993AOT_theorem "null-uni-facts:3": Null(a)
6994  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
6995   apply (simp add: "null-uni-uniq:3")
6996  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
6997    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"], THEN "≡E"(1)]
6998  by blast
6999
7000AOT_theorem "null-uni-facts:4": Universal(aV)
7001  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
7002   apply (simp add: "null-uni-uniq:4")
7003  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
7004    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"], THEN "≡E"(1)]
7005  by blast
7006
7007AOT_theorem "null-uni-facts:5": a  aV
7008proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
7009    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
7010    rule "≡dfI"[OF "=-infix"];
7011    rule "raa-cor:2")
7012  AOT_obtain x where nullx: Null(x)
7013    by (metis "instantiation" "df-null-uni-terms:1" "existential:1" "null-uni-facts:3"
7014              "null-uni-uniq:3" "rule-id-df:2:b[zero]")
7015  AOT_hence act_null: 𝒜Null(x) by (metis "nec-imp-act" "null-uni-facts:1" "vdash-properties:10")
7016  AOT_assume ιx Null(x) = ιx Universal(x)
7017  AOT_hence 𝒜x(Null(x)  Universal(x))
7018    using "actual-desc:5"[THEN "→E"] by blast
7019  AOT_hence x 𝒜(Null(x)  Universal(x))
7020    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
7021  AOT_hence 𝒜Null(x)  𝒜Universal(x)
7022    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
7023  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
7024  AOT_hence Universal(x) by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "vdash-properties:10")
7025  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
7026  moreover AOT_have ¬F x[F] using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
7027  ultimately AOT_show p & ¬p for p by (metis "cqt-further:1" "raa-cor:3" "vdash-properties:10")
7028qed
7029
7030AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
7031proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7032  AOT_show ιx([A!]x & F (x[F]  F  F))
7033    by (simp add: "A-descriptions")
7034next
7035  AOT_show a
7036    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7037       (simp add: "null-uni-uniq:3")
7038next
7039  AOT_have ιx([A!]x & F (x[F]  F  F))
7040    by (simp add: "A-descriptions")
7041  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
7042    using "rule=I:1" by blast
7043  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
7044    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"]; rule "&I")
7045    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:a[zero]" "vdash-properties:10")
7046    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7047next
7048  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
7049  proof (rule GEN)
7050    fix F
7051    AOT_have ¬a[F]
7052      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7053         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3)
7054                "df-null-uni:1" "df-null-uni-terms:1" "existential:2[const_var]" "null-uni-facts:3"
7055                "raa-cor:2" "rule-id-df:2:a[zero]" "russell-axiom[enc,1].ψ_denotes_asm")
7056    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
7057    proof(rule "raa-cor:2")
7058      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
7059      AOT_hence 𝒜(F  F) using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
7060      moreover AOT_have ¬𝒜(F  F)
7061        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2) "=-infix" "raa-cor:3" by blast
7062      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
7063    qed
7064    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
7065      using "deduction-theorem" "≡I" "raa-cor:4" by blast
7066  qed
7067qed
7068
7069AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
7070proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7071  AOT_show ιx([A!]x & F (x[F]  F = F))
7072    by (simp add: "A-descriptions")
7073next
7074  AOT_show aV
7075    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7076       (simp add: "null-uni-uniq:4")
7077next
7078  AOT_have ιx([A!]x & F (x[F]  F = F))
7079    by (simp add: "A-descriptions")
7080  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
7081    using "rule=I:1" by blast
7082  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
7083    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"]; rule "&I")
7084    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "vdash-properties:10")
7085    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7086next
7087  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
7088  proof (rule GEN)
7089    fix F
7090    AOT_have aV[F]
7091      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7092      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "rule-ui:3" by blast
7093    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
7094      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
7095    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
7096      using "deduction-theorem" "≡I" by simp
7097  qed
7098qed
7099
7100AOT_theorem "aclassical:1": Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
7101proof(rule GEN)
7102  fix R
7103  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
7104    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7105  AOT_have a_enc: az [R]za]
7106  proof (rule "raa-cor:1")
7107    AOT_assume 0: ¬az [R]za]
7108    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7109      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
7110                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7111         "cqt:2[lambda]"
7112    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7113      using "cqt-further:4" "vdash-properties:10" by blast
7114    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za]) using "∀E" by blast
7115    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
7116      by (metis "&I" "deduction-theorem" "raa-cor:3")
7117    moreover AOT_have z [R]za] = z [R]za]
7118      by (rule "=I") "cqt:2[lambda]"
7119    ultimately AOT_have az [R]za] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7120    AOT_thus az [R]za] & ¬az [R]za]
7121      using 0 "&I" by blast
7122  qed
7123  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7124    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7125  then AOT_obtain b where b_prop: A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
7126    using "∃E"[rotated] by blast
7127  AOT_have a  b
7128    apply (rule "≡dfI"[OF "=-infix"])
7129    using a_enc b_prop[THEN "&E"(2)]
7130    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7131  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
7132    using b_prop "&E" a_prop "&I" by meson
7133  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
7134  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
7135qed
7136
7137AOT_theorem "aclassical:2": Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
7138proof(rule GEN)
7139  fix R
7140  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
7141    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7142  AOT_have a_enc: az [R]az]
7143  proof (rule "raa-cor:1")
7144    AOT_assume 0: ¬az [R]az]
7145    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7146      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
7147                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7148         "cqt:2[lambda]"
7149    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7150      using "cqt-further:4" "vdash-properties:10" by blast
7151    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az]) using "∀E" by blast
7152    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
7153      by (metis "&I" "deduction-theorem" "raa-cor:3")
7154    moreover AOT_have z [R]az] = z [R]az]
7155      by (rule "=I") "cqt:2[lambda]"
7156    ultimately AOT_have az [R]az] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7157    AOT_thus az [R]az] & ¬az [R]az]
7158      using 0 "&I" by blast
7159  qed
7160  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7161    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7162  then AOT_obtain b where b_prop: A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
7163    using "∃E"[rotated] by blast
7164  AOT_have a  b
7165    apply (rule "≡dfI"[OF "=-infix"])
7166    using a_enc b_prop[THEN "&E"(2)]
7167    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7168  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
7169    using b_prop "&E" a_prop "&I" by meson
7170  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
7171  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
7172qed
7173
7174AOT_theorem "aclassical:3": Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
7175proof(rule GEN)
7176  fix R
7177  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
7178    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7179  AOT_have z [R]a] by "cqt:2[lambda]"
7180  (* TODO: S should no longer be necessary *)
7181  then AOT_obtain S where S_def: S = z [R]a]
7182    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
7183  AOT_have a_enc: a[S]
7184  proof (rule "raa-cor:1")
7185    AOT_assume 0: ¬a[S]
7186    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
7187      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
7188                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated]) 
7189    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
7190      using "cqt-further:4" "vdash-properties:10" by blast
7191    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
7192    AOT_hence (A!a & S = z [R]a])  a[S]
7193      by (metis "&I" "deduction-theorem" "raa-cor:3")
7194    moreover AOT_have S = z [R]a] using S_def .
7195    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7196    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
7197  qed
7198  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
7199    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
7200  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
7201    using "∃E"[rotated] by blast
7202  AOT_have 1: a  b
7203    apply (rule "≡dfI"[OF "=-infix"])
7204    using a_enc b_prop[THEN "&E"(2)]
7205    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7206  AOT_have a:  [R]a] = ([R]a)
7207    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7208    by (meson "log-prop-prop:2")
7209  AOT_have b:  [R]b] = ([R]b)
7210    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7211    by (meson "log-prop-prop:2")
7212  AOT_have  [R]a] =  [R]b]
7213    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
7214    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
7215    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
7216     apply (rule "rule=E"[rotated, OF S_def])
7217    using b_prop "&E" apply blast
7218    apply (safe intro!: "&I")
7219    by (simp add: "log-prop-prop:2")+
7220  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
7221    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)] "&I" by auto
7222  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
7223  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
7224qed
7225
7226AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
7227proof -
7228  AOT_have x y ([A!]x & [A!]y & x  y &
7229               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7230    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
7231       "cqt:2[lambda]"
7232  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
7233               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7234    using "∃E"[rotated] by blast
7235  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
7236               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7237    using "∃E"[rotated] by blast
7238  AOT_have z xy F ([F]x  [F]y)]zx]x
7239    apply (rule "β←C"(1))
7240      apply "cqt:2[lambda]"
7241     apply (fact "cqt:2[const_var]"[axiom_inst])
7242    apply (rule "β←C"(1))
7243      apply "cqt:2[lambda]"
7244    apply (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
7245    by (simp add: "oth-class-taut:3:a" "universal-cor")
7246  AOT_hence z xy F ([F]x  [F]y)]zy]x
7247    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
7248  AOT_hence xy F ([F]x  [F]y)]xy
7249    by (rule "β→C"(1))
7250  AOT_hence F ([F]x  [F]y)
7251    using "β→C"(1) old.prod.case by fast
7252  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y) using 0 "&E" "&I" by blast
7253  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
7254  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
7255qed
7256
7257AOT_theorem "kirchner-thm:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7258proof(rule "≡I"; rule "→I")
7259  AOT_assume x φ{x}]
7260  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
7261  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7262  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7263    AOT_modally_strict {
7264      fix x y
7265      AOT_assume 0: x φ{x}]
7266      moreover AOT_assume F([F]x  [F]y)
7267      ultimately AOT_have x φ{x}]x  x φ{x}]y
7268        using "∀E" by blast
7269      AOT_thus (φ{x}  φ{y})
7270        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7271    }
7272  qed
7273  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7274    using "→E" by blast
7275next
7276  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y}))  y(x(F([F]x  [F]y) & φ{x})  φ{y})
7277  proof(rule "RM:1"; rule "→I"; rule GEN)
7278    AOT_modally_strict {
7279      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7280      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
7281        using "∀E"(2) "→E" that by blast
7282      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
7283      proof (rule "raa-cor:1")
7284        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
7285        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y})  (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7286          using "≡E"(1) "oth-class-taut:4:h" by blast
7287        moreover {
7288          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
7289          AOT_obtain a where F([F]a  [F]y) & φ{a}
7290            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7291          AOT_hence φ{y} using indisc[THEN "≡E"(1)] "&E" by blast
7292          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7293        }
7294        moreover {
7295          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7296          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
7297            using "&E"(1) "cqt-further:4" "→E" by blast
7298          AOT_hence ¬(F([F]y  [F]y) & φ{y}) using "∀E" by blast
7299          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
7300            using "≡E"(1) "oth-class-taut:5:c" by blast
7301          moreover AOT_have F([F]y  [F]y) by (simp add: "oth-class-taut:3:a" "universal-cor")
7302          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
7303          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7304        }
7305        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7306      qed
7307    }
7308  qed
7309  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7310  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
7311    using "→E" by blast
7312  AOT_thus x φ{x}]
7313    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7314qed
7315
7316AOT_theorem "kirchner-thm:2": x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7317proof(rule "≡I"; rule "→I")
7318  AOT_assume x1...xn φ{x1...xn}]
7319  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "vdash-properties:10")
7320  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7321  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7322    AOT_modally_strict {
7323      fix x1xn y1yn :: 'a AOT_var›
7324      AOT_assume 0: x1...xn φ{x1...xn}]
7325      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7326      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn  x1...xn φ{x1...xn}]y1...yn
7327        using "∀E" by blast
7328      AOT_thus (φ{x1...xn}  φ{y1...yn})
7329        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7330    }
7331  qed
7332  ultimately AOT_show x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7333    using "→E" by blast
7334next
7335  AOT_have (x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))) 
7336            y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7337  proof(rule "RM:1"; rule "→I"; rule GEN)
7338    AOT_modally_strict {
7339      AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7340      AOT_hence indisc: φ{x1...xn}  φ{y1...yn} if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
7341        using "∀E"(2) "→E" that by blast
7342      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn} for y1yn
7343      proof (rule "raa-cor:1")
7344        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7345        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}) 
7346                    (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & φ{y1...yn})
7347          using "≡E"(1) "oth-class-taut:4:h" by blast
7348        moreover {
7349          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}
7350          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
7351            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7352          AOT_hence φ{y1...yn} using indisc[THEN "≡E"(1)] "&E" by blast
7353          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7354        }
7355        moreover {
7356          AOT_assume 0: (¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))) & φ{y1...yn})
7357          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
7358            using "&E"(1) "cqt-further:4" "→E" by blast
7359          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn}) using "∀E" by blast
7360          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
7361            using "≡E"(1) "oth-class-taut:5:c" by blast
7362          moreover AOT_have F([F]y1...yn  [F]y1...yn)
7363            by (simp add: "oth-class-taut:3:a" "universal-cor")
7364          ultimately AOT_have ¬φ{y1...yn} by (metis "¬¬I" "∨E"(2))
7365          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7366        }
7367        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7368      qed
7369    }
7370  qed
7371  moreover AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7372  ultimately AOT_have y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7373    using "→E" by blast
7374  AOT_thus x1...xn φ{x1...xn}]
7375    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7376qed
7377
7378AOT_theorem "kirchner-thm-cor:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7379proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7380  fix x y
7381  AOT_assume x φ{x}]
7382  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7383    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
7384  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7385    using CBF[THEN "→E"] by blast
7386  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7387    using "∀E" by blast
7388  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7389    using CBF[THEN "→E"] by blast
7390  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
7391    using "∀E" by blast
7392  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
7393    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7394  moreover AOT_assume F([F]x  [F]y)
7395  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
7396qed
7397
7398AOT_theorem "kirchner-thm-cor:2":
7399  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7400proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7401  fix x1xn y1yn
7402  AOT_assume x1...xn φ{x1...xn}]
7403  AOT_hence 0: x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7404    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
7405  AOT_have x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7406  proof(rule GEN; rule GEN)
7407    fix x1xn y1yn
7408    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7409      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
7410      using "∀E" by blast
7411  qed
7412  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7413    using "∀E" by blast
7414  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7415    using "∀E" by blast
7416  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7417    using "∀E" by blast
7418  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
7419    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7420  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7421  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2[lambda]"
7422  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn  x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7423    using "∀E" by blast
7424  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7425    apply (rule "β←C"(1))
7426      apply "cqt:2[lambda]"
7427     apply (fact "cqt:2[const_var]"[axiom_inst])
7428    by (simp add: RN GEN "oth-class-taut:3:a")
7429  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn using "≡E"(2) by blast
7430  AOT_hence F ([F]x1...xn  [F]y1...yn)
7431    using "β→C"(1) by blast
7432  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
7433qed
7434
7435AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
7436  "prop-prop1": Propositional([F]) df p(F = y p])
7437
7438AOT_theorem "prop-prop2:1": p y p]
7439  by (rule GEN) "cqt:2[lambda]"
7440
7441AOT_theorem "prop-prop2:2": ν φ]
7442  by "cqt:2[lambda]"
7443
7444AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
7445proof (rule "→I")
7446  AOT_assume 0: F = y p]
7447  AOT_show x([F]x  p)
7448    by (rule "rule=E"[rotated, OF 0[symmetric]]; rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
7449      "cqt:2[lambda]"
7450qed
7451
7452AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
7453proof(rule "→I")
7454  AOT_assume Propositional([F])
7455  AOT_hence p(F = y p]) using "≡dfE"[OF "prop-prop1"] by blast
7456  then AOT_obtain p where F = y p] using "∃E"[rotated] by blast
7457  AOT_hence (F = y p]) using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
7458  AOT_hence p (F = y p]) using "∃I" by fast
7459  AOT_hence 0: p (F = y p]) by (metis Buridan "vdash-properties:10")
7460  AOT_show Propositional([F])
7461    apply (AOT_subst «Propositional([F])» «p (F = y p])»)
7462     using "prop-prop1" "≡Df" apply presburger
7463    by (fact 0)
7464qed
7465
7466AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
7467  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
7468
7469AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
7470proof(rule "→I")
7471  AOT_assume Propositional([Π])
7472  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
7473  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
7474  AOT_show Indiscriminate([Π])
7475  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7476    AOT_show Π
7477      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
7478  next
7479    AOT_show (x [Π]x  x [Π]x)
7480    proof (rule "rule=E"[rotated, OF Π_def[symmetric]]; rule RN; rule "→I"; rule GEN)
7481      AOT_modally_strict {
7482        AOT_assume x y p]x
7483        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
7484        AOT_hence 0: p by (metis "β→C"(1))
7485        AOT_show y p]x for x
7486          apply (rule "β←C"(1))
7487            apply "cqt:2[lambda]"
7488           apply (fact "cqt:2[const_var]"[axiom_inst])
7489          by (fact 0)
7490      }
7491    qed
7492  qed
7493qed
7494
7495AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
7496proof (rule "→I")
7497  AOT_assume Necessary([F])
7498  AOT_hence 0: x1...∀xn [F]x1...xn using "≡dfE"[OF "contingent-properties:1"] by blast
7499  AOT_show Indiscriminate([F])
7500    by (rule "≡dfI"[OF "prop-indis"])
7501       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "vdash-properties:6") 
7502qed
7503
7504AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
7505proof (rule "→I")
7506  AOT_modally_strict {
7507    AOT_have x ¬[F]x  (x [F]x  x [F]x)
7508      by (metis "instantiation" "cqt-orig:3" "Hypothetical Syllogism" "deduction-theorem" "raa-cor:3")
7509  }
7510  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
7511    by (rule "RM:1")
7512  AOT_assume Impossible([F])
7513  AOT_hence x ¬[F]x using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
7514  AOT_hence 1: (x [F]x  x [F]x) using 0 "→E" by blast
7515  AOT_show Indiscriminate([F])
7516    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7517       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
7518qed
7519
7520AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
7521proof(rule "raa-cor:2")
7522  AOT_assume Indiscriminate([E!])
7523  AOT_hence 0: (x [E!]x  x [E!]x)
7524    using "≡dfE"[OF "prop-indis"] "&E" by blast
7525  AOT_hence x [E!]x  x [E!]x
7526    using "KBasic:13" "vdash-properties:10" by blast
7527  moreover AOT_have x [E!]x
7528    by (simp add: "thm-cont-e:3")
7529  ultimately AOT_have x [E!]x
7530    by (metis "vdash-properties:6")
7531  AOT_thus p & ¬p for p
7532    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
7533qed
7534
7535AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
7536proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]]; rule "raa-cor:2")
7537  AOT_assume Indiscriminate(x ¬[E!]x])
7538  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
7539    using "≡dfE"[OF "prop-indis"] "&E" by blast
7540  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
7541    using "→E" "qml:1" "vdash-properties:1[2]" by blast
7542  moreover AOT_have x x ¬[E!]x]x
7543    apply (AOT_subst λκ. «x ¬[E!]x]κ» λκ. «¬[E!]κ»)
7544    apply (rule "beta-C-meta"[THEN "→E"])
7545     apply "cqt:2[lambda]"
7546    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2" "o-objects-exist:5" "vdash-properties:10")
7547  ultimately AOT_have 1: x x ¬[E!]x]x
7548    by (metis "vdash-properties:6")
7549  AOT_have x ¬[E!]x
7550    apply (AOT_subst_rev λκ. «x ¬[E!]x]κ» λκ. «¬[E!]κ»)
7551    apply (rule "beta-C-meta"[THEN "→E"])
7552     apply "cqt:2[lambda]"
7553    by (fact 1)
7554  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
7555  moreover AOT_obtain a where abs_a: O!a
7556    using "instantiation" "o-objects-exist:1" "qml:2" "vdash-properties:1[2]" "vdash-properties:6" by blast
7557  ultimately AOT_have ¬[E!]a using "∀E" by blast
7558  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
7559  AOT_have A!a
7560    apply (rule "=dfI"(2)[OF AOT_abstract])
7561     apply "cqt:2[lambda]"
7562    apply (rule "β←C"(1))
7563      apply "cqt:2[lambda]"
7564    using "cqt:2[const_var]"[axiom_inst] apply blast
7565    by (fact 2)
7566  AOT_thus p & ¬p for p using abs_a
7567    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
7568qed
7569
7570AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
7571proof(rule "raa-cor:2")
7572  AOT_assume Indiscriminate(O!)
7573  AOT_hence 0: (x O!x  x O!x)
7574    using "≡dfE"[OF "prop-indis"] "&E" by blast
7575  AOT_hence x O!x  x O!x
7576    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7577  moreover AOT_have x O!x
7578    using "o-objects-exist:1" by blast
7579  ultimately AOT_have x O!x
7580    by (metis "vdash-properties:6")
7581  AOT_thus p & ¬p for p
7582    by (metis "o-objects-exist:3" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7583qed
7584
7585AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
7586proof(rule "raa-cor:2")
7587  AOT_assume Indiscriminate(A!)
7588  AOT_hence 0: (x A!x  x A!x)
7589    using "≡dfE"[OF "prop-indis"] "&E" by blast
7590  AOT_hence x A!x  x A!x
7591    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7592  moreover AOT_have x A!x
7593    using "o-objects-exist:2" by blast
7594  ultimately AOT_have x A!x
7595    by (metis "vdash-properties:6")
7596  AOT_thus p & ¬p for p
7597    by (metis "o-objects-exist:4" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7598qed
7599
7600AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
7601  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
7602
7603AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
7604  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
7605
7606AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
7607  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
7608
7609AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
7610  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
7611
7612AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
7613proof(rule "→I")
7614  AOT_assume p (F = y p])
7615  AOT_hence p (F = y p])
7616    by (metis "BF◇" "vdash-properties:10")
7617  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7618  AOT_hence F = y p] by (metis "derived-S5-rules:2" emptyE "id-nec:2" "vdash-properties:6")
7619  AOT_thus p(F = y p]) by (rule "∃I")
7620qed
7621
7622AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
7623proof(rule "→I")
7624  AOT_assume p (F  y p])
7625  AOT_hence (F  y p]) for p
7626    using "∀E" by blast
7627  AOT_hence (F  y p]) for p
7628    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7629  AOT_hence p (F  y p]) by (rule GEN)
7630  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
7631qed
7632
7633AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
7634proof(rule "→I")
7635  AOT_assume p (F = y p])
7636  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7637  AOT_hence (F = y p]) by (metis "id-nec:2" "vdash-properties:6")
7638  AOT_hence p(F = y p]) by (rule "∃I")
7639  AOT_thus p(F = y p]) by (metis Buridan "vdash-properties:10")
7640qed
7641
7642AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
7643proof(rule "→I")
7644  AOT_assume p (F  y p])
7645  AOT_hence p (F  y p]) by (metis "Buridan◇" "vdash-properties:10")
7646  AOT_hence (F  y p]) for p
7647    using "∀E" by blast
7648  AOT_hence F  y p] for p
7649    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7650  AOT_thus p (F  y p]) by (rule GEN)
7651qed
7652
7653AOT_theorem "enc-prop-nec:1": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7654proof(rule "→I"; rule GEN; rule "→I")
7655  fix F
7656  AOT_assume F (x[F]  p(F = y p]))
7657  AOT_hence F (x[F]  p(F = y p]))
7658    using "Buridan◇" "vdash-properties:10" by blast
7659  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
7660  AOT_assume x[F]
7661  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
7662  AOT_hence p(F = y p])
7663    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
7664  AOT_thus p(F = y p])
7665    using "prop-prop-nec:1"[THEN "→E"] by blast
7666qed
7667
7668AOT_theorem "enc-prop-nec:2": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7669  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
7670  by blast
7671
7672(*<*)
7673end
7674(*>*)